CVEbaza.plCWE DictionaryCWE-1314
Common Weakness Enumeration

CWE-1314

Missing Write Protection for Parametric Data Values

Category: BaseCVE: 1
Description

The device does not write-protect the parametric data values for sensors that scale the sensor value, allowing untrusted software to manipulate the apparent result and potentially damage hardware or cause operational failure.

CVE vulnerabilities with CWE-1314 (1)
7.7
CVSS
HIGH
CVE-2026-40188

goshs is a SimpleHTTPServer written in Go. From 1.0.7 to before 2.0.0-beta.4, the SFTP command rename sanitizes only the source path and not the destination, so it is possible to write outside of the root directory of the SFTP. This vulnerability is fixed in 2.0.0-beta.4.

pub. 2026-04-10
Information
ID: CWE-1314
Type: Base
Vulnerabilities: 1
MITRE CWE ↗
← CWE Dictionary