The product, when opening a file or directory, does not sufficiently account for when the name is associated with a hard link to a target that is outside of the intended control sphere. This could allow an attacker to cause the product to operate on unauthorized files.
View on MITREFailure for a system to check for hard links can result in vulnerability to different types of attacks. For example, an attacker can escalate their privileges if a file used by a privileged program is replaced with a hard link to a sensitive file (e.g. /etc/passwd). When the process opens the file, the attacker can assume the privileges of that process.
No mitigation information available for this CWE.
No detection method information available for this CWE.
Hard link and possibly symbolic link following vulnerabilities in embedded operating system allow local users to overwrite arbitrary files.
View DetailsServer creates hard links and unlinks files as root, which allows local users to gain privileges by deleting and overwriting arbitrary files.
View DetailsOperating system allows local users to conduct a denial of service by creating a hard link from a device special file to a file on an NFS file system.
View DetailsWeb hosting manager follows hard links, which allows local users to read or modify arbitrary files.
View DetailsPackage listing system allows local users to overwrite arbitrary files via a hard link attack on the lockfiles.
View DetailsThe Finder in Mac OS X and earlier allows local users to overwrite arbitrary files and gain privileges by creating a hard link from the .DS_Store file to an arbitrary file.
View Details"Zip Slip" vulnerability in Go-based Open Container Initiative (OCI) registries product allows writing arbitrary files outside intended directory via symbolic links or hard links in a gzipped tarball.
View Detailssetuid root tool allows attackers to read secret data by replacing a temp file with a hard link to a sensitive file
View DetailsNo relationship information available for this CWE.
CWE-62: UNIX Hard Link is a Common Weakness Enumeration (CWE) entry maintained by MITRE. The product, when opening a file or directory, does not sufficiently account for when the name is associated with a hard link to a target that is outside of the intended control sphere. This could allow an attacker to cause the product to operate on unauthorized files. Failure for a system to check for hard links can result in vulnerability to different types of attacks. For example, an attacker can escalate their privileges if a file used by a privileged program is replaced with a hard link to a sensitive file (e.g. /etc/passwd). When the process opens the file, the attacker can assume the privileges of that process.
If exploited, CWE-62 (UNIX Hard Link) it can compromise Confidentiality and Integrity, leading to outcomes such as Read Files or Directories and Modify Files or Directories.
CWE-62 commonly affects Not Language-Specific. Note that weaknesses are often language-agnostic patterns, so secure coding practices apply broadly.
MITRE documents real CVEs mapped to CWE-62, including CVE-2002-0793, CVE-2003-0578, CVE-1999-0783, CVE-2004-1603 and CVE-2004-1901. You can look up the full details of each CVE, including CVSS scores and remediation guidance, on our CVE Lookup tool.
A CWE (Common Weakness Enumeration) like CWE-62 describes a category of software weakness — the underlying flaw type. A CVE (Common Vulnerabilities and Exposures) identifies a specific, real-world vulnerability in a particular product. In short, a CWE is the kind of mistake, and a CVE is an instance of that mistake being found in software.