CWE-698: Execution After Redirect (EAR)
CWE version: 4.18
Last updated: 2025-09-09
Weakness description
The web application sends a redirect to another location, but instead of exiting, it executes additional code.
Common consequences
Scope: Other, Confidentiality, Integrity, Availability
Technical impact: Alter Execution Logic; Execute Unauthorized Code or Commands
Note: This weakness could affect the control flow of the application and allow execution of untrusted code.
Detection methods
Method: Black Box
This issue might not be detected if testing is performed using a web browser, because the browser might obey the redirect and move the user to a different page before the application has produced outputs that indicate something is amiss.
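An added example, not code from the CWE entry, showing the defect in a minimal request handler beside its fix, plus the non-browser check the detection note calls for (a client that does not follow redirects inspects the 3xx body). The handler, session dictionary and SECRET_CONFIG value are hypothetical, constructed for this illustration.

```python
from dataclasses import dataclass, field

# Constructed sample of sensitive output the admin page would render.
SECRET_CONFIG = "db_password=constructed-sample-value"


@dataclass
class Response:
    status: int = 200
    headers: dict = field(default_factory=dict)
    body: str = ""


def admin_page_vulnerable(session: dict) -> Response:
    """CWE-698: the redirect is set, but execution falls through."""
    resp = Response()
    if not session.get("is_admin"):
        resp.status = 302
        resp.headers["Location"] = "/login"
        # Missing return: the privileged code below still runs.
    # Privileged work executes for everyone and its output lands in the
    # body of the 302 response, which a browser never displays.
    resp.body += "<h1>Admin panel</h1>\n" + SECRET_CONFIG
    return resp


def admin_page_fixed(session: dict) -> Response:
    """Hardened form: stop processing immediately after the redirect."""
    resp = Response()
    if not session.get("is_admin"):
        resp.status = 302
        resp.headers["Location"] = "/login"
        return resp  # nothing after the redirect executes
    resp.body += "<h1>Admin panel</h1>\n" + SECRET_CONFIG
    return resp


def leaks_after_redirect(resp: Response) -> bool:
    """Black-box check: a 3xx response should carry no application output.
    Run it with an HTTP client configured not to follow redirects; a browser
    would obey the Location header and hide the body."""
    return 300 <= resp.status < 400 and bool(resp.body.strip())
```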
Observed examples
Reference: CVE-2013-1402
Execution-after-redirect allows access to application configuration details.
Reference: CVE-2009-1936
chain: library file sends a redirect if it is directly requested but continues to execute, allowing remote file inclusion and path traversal.
Reference: CVE-2007-2713
Remote attackers can obtain access to administrator functionality through EAR.
Reference: CVE-2007-4932
Remote attackers can obtain access to administrator functionality through EAR.
Reference: CVE-2007-5578
Bypass of authentication step through EAR.
Reference: CVE-2007-2713
Chain: Execution after redirect triggers eval injection.
Reference: CVE-2007-6652
chain: execution after redirect allows non-administrator to perform static code injection.
Modes of introduction
| Phase | Note |
|---|---|
| Implementation | - |