Home/CWE/Exposure of Resource to Wrong Sphere
Weakness

Exposure of Resource to Wrong Sphere

CWE-668 · Class · Draft

The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.

Extended description

Resources such as files and directories may be inadvertently exposed through mechanisms such as insecure permissions, or when a program accidentally operates on the wrong object. For example, a program may intend that private files can only be provided to a specific user. This effectively defines a control sphere that is intended to prevent attackers from accessing these private files.

If the file permissions are insecure, then parties other than the user will be able to access those files. A separate control sphere might effectively require that the user can only access the private files, but not any other files on the system. If the program does not ensure that the user is only requesting private files, then the user might be able to access other files on the system.

In either case, the end result is that a resource has been exposed to the wrong party.

Weakness Relationships

Where this weakness sits in the CWE hierarchy. Walk up to broader classes or down to more specific variants.
Parent of this (broader)
ChildOfCWE-664 · Improper Control of a Resource Through its Lifetime
Children (more specific)
ParentOfCWE-1189 · Improper Isolation of Shared Resources on System-on-a-Chip (SoC)
ParentOfCWE-1282 · Assumed-Immutable Data is Stored in Writable Memory
ParentOfCWE-1327 · Binding to an Unrestricted IP Address
ParentOfCWE-1331 · Improper Isolation of Shared Resources in Network On Chip (NoC)
ParentOfCWE-134 · Use of Externally-Controlled Format String
ParentOfCWE-200 · Exposure of Sensitive Information to an Unauthorized Actor
ParentOfCWE-374 · Passing Mutable Objects to an Untrusted Method
ParentOfCWE-375 · Returning a Mutable Object to an Untrusted Caller
ParentOfCWE-377 · Insecure Temporary File
ParentOfCWE-402 · Transmission of Private Resources into a New Sphere ('Resource Leak')
ParentOfCWE-426 · Untrusted Search Path
ParentOfCWE-427 · Uncontrolled Search Path Element
ParentOfCWE-428 · Unquoted Search Path or Element
ParentOfCWE-488 · Exposure of Data Element to Wrong Session
ParentOfCWE-491 · Public cloneable() Method Without Final ('Object Hijack')
ParentOfCWE-492 · Use of Inner Class Containing Sensitive Data
ParentOfCWE-493 · Critical Public Variable Without Final Modifier
ParentOfCWE-498 · Cloneable Class Containing Sensitive Information
ParentOfCWE-499 · Serializable Class Containing Sensitive Data
ParentOfCWE-522 · Insufficiently Protected Credentials
ParentOfCWE-524 · Use of Cache Containing Sensitive Information
ParentOfCWE-552 · Files or Directories Accessible to External Parties
ParentOfCWE-582 · Array Declared Public, Final, and Static
ParentOfCWE-583 · finalize() Method Declared Public
ParentOfCWE-608 · Struts: Non-private Field in ActionForm Class
ParentOfCWE-642 · External Control of Critical State Data
ParentOfCWE-732 · Incorrect Permission Assignment for Critical Resource
ParentOfCWE-767 · Access to Critical Private Variable via Public Method
ParentOfCWE-8 · J2EE Misconfiguration: Entity Bean Declared Remote
ParentOfCWE-927 · Use of Implicit Intent for Sensitive Communication

CVEs With This Weakness

787
A sample of the 787 CVEs tagged with this weakness.
CVECVE-2026-6830
CVECVE-2026-45411
CVECVE-2026-44552
CVECVE-2026-44338
CVECVE-2026-44009
CVECVE-2026-44008
CVECVE-2026-42875
CVECVE-2026-41369
CVECVE-2026-41368
CVECVE-2026-41362
CVECVE-2026-39911
CVECVE-2026-35658

Nuclei Scanner Templates

24
Open-source Nuclei templates that detect this weakness class - an actionable scan-for-it pivot. Licensed under the ProjectDiscovery / Nuclei terms.
criticalFortinet FortiNAC - Arbitrary File Write
criticalUnRaid <=6.80 - Remote Code Execution
high3CX Phone System - Installer Page Exposure
highWAVLINK WN535 G3 - Information Disclosure
highPiano LED Visualizer 1.3 - Local File Inclusion
highWAVLINK WN535 G3 - Information Disclosure
highThinkPHP 5.0.24 - Information Disclosure
highWAVLINK WN530HG4 - Improper Access Control
highAkkadian Provisioning Manager 4.50.02 - Sensitive Information Disclosure
highJeecg P3 Biz Chat - Local File Inclusion
highIssabel PBX 4.0.0-6 - Directory Listing
highDedeCMS 5.7 - Path Disclosure
mediumphpfastcache - phpinfo Resource Exposure
mediumEyouCms v1.6.3 - Information Disclosure
infoTenda 11n Wireless Router - Admin Panel
infoEpson Device Unauthorized Access Detect
infoCheckmate Login Panel - Detect
infoOffice Web Apps Server Panel - Detect
infoApache Ambari Exposure Admin Login Panel
infoApache Airflow Admin Login Panel
infoSicom MGRNG - Administrative Login Found
infoAvantFAX Login Panel
infoCodeMeter - WebAdmin Panel Access
infoOpen Virtualization Userportal & Webadmin Panel Detection
External lookups - second-class, for what we don’t hold ourselves
MITRE CWE
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh  ·  Open-source threat intelligence platform  ·  100+ authoritative sources  ·  Every fact traces to its origin