Back to CWE Lookup

CWE-434: Unrestricted Upload of File with Dangerous Type

BaseDraftExploit Likelihood: Medium
🏆 #6 in CWE Top 25 20244
View on MITRE

The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.

Technical Details

Structure
Simple

Applicable To

Languages
ASP.NETPHPNot Language-Specific
Platforms

🏆 CWE Top 25 Historical Ranking

2023:#10
Score: 10.41
298 CVEs
2024:#6↑4
Score: 20.26
322 CVEs
Trend:Worsening (moved down 4 ranks)

Additional Resources

CWE-434: Unrestricted Upload of File with Dangerous Type | #6 in CWE Top 25 2024 | CWE Lookup | Inventive HQ