The product receives data from an upstream component, but does not filter or incorrectly filters special elements before sending it to a downstream component.

What CVEs are caused by CWE-790?

12 recorded CVEs are attributed to CWE-790, including CVE-2023-22578, CVE-2021-43802, CVE-2024-31616.

What are the consequences of CWE-790?

Exploiting CWE-790 can lead to: Unexpected State.

Is CWE-790 actively exploited?

12 recorded CVEs are caused by CWE-790; none are currently in CISA's KEV catalog of actively exploited flaws.

CWE-790: Improper Filtering of Special Elements

CVE-2026-2328

Code examples

Illustrative examples from MITRE showing how the weakness appears in code.

The following code takes untrusted input and uses a regular expression to filter "../" from the input. It then appends this result to the /home/user/ directory and attempts to read the file in the final resulting path.

Vulnerable example

perl

my $Username = GetUntrustedInput();

Attack input

plaintext

../../../etc/passwd

Resulting query

plaintext

../../etc/passwd

Resulting query

plaintext

/home/user/../../etc/passwd

CWE-790: Improper Filtering of Special Elements

Overview

Real-world CVEs

Common consequences

How it happens

When it is introduced

Code examples

Frequently asked questions

What is CWE-790?

What CVEs are caused by CWE-790?

What are the consequences of CWE-790?

Is CWE-790 actively exploited?

References

Stay ahead of CWE-790

Overview

Real-world CVEs

Common consequences

How it happens

When it is introduced

Code examples

Related weaknesses

Parent

Child

Frequently asked questions

What is CWE-790?

What CVEs are caused by CWE-790?

What are the consequences of CWE-790?

Is CWE-790 actively exploited?

References

Stay ahead of CWE-790