CWE-434: Unrestricted Upload of File with Dangerous Type

BaseDraftExploit Likelihood: Medium🏆 #6 in Top 25 (2024)

The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.

View on MITRE
322Related CVEs
20.26Severity Score
Back to CWE Lookup

Technical Details

Structure
Simple

Applicable To

Languages
ASP.NETPHPNot Language-Specific
Platforms

🏆 CWE Top 25 Historical Ranking

2023:#10
Score: 10.41
298 CVEs
2024:#6↑4
Score: 20.26
322 CVEs
Trend:Worsening (moved down 4 ranks)

Learn More

Find Related CVEs

Search for vulnerabilities that exploit CWE-434

CWE Top 25 Most Dangerous

See how this weakness ranks against others

CVE vs CWE: What's the Difference?

Understanding vulnerabilities vs weaknesses

Understanding CVSS Scoring

How vulnerability severity is measured

View Full MITRE Entry

Complete technical details and references