CWE-434: Unrestricted Upload of File with Dangerous Type
BaseDraftExploit Likelihood: Medium🏆 #6 in Top 25 (2024)
The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.
View on MITRE322Related CVEs
20.26Severity Score
Back to CWE Lookup
Technical Details
- Structure
- Simple
Applicable To
ASP.NETPHPNot Language-Specific
🏆 CWE Top 25 Historical Ranking
2023:#10
Score: 10.41
298 CVEs
2024:#6↑4
Score: 20.26
322 CVEs
Trend:Worsening (moved down 4 ranks)
Learn More
Find Related CVEs
Search for vulnerabilities that exploit CWE-434
CWE Top 25 Most Dangerous
See how this weakness ranks against others
CVE vs CWE: What's the Difference?
Understanding vulnerabilities vs weaknesses
Understanding CVSS Scoring
How vulnerability severity is measured
View Full MITRE Entry
Complete technical details and references