Severity: medium | CWE-840 | OWASP Top 10 A04:2021

Insecure Design

The application's architecture has fundamental security flaws — business logic on the client side, missing server-side validation, or no threat modeling.

How It Works

Insecure design is different from implementation bugs — it's a flaw in the architecture itself. Common patterns include putting authorization logic only in the frontend (React conditionals), relying on client-side validation without server-side checks, or designing flows that can be abused (like unlimited password reset attempts). No amount of perfect implementation can fix a fundamentally insecure design.

Vulnerable Code

// React component — auth check only in frontend
{user.role === 'admin' && (
  <button onClick={deleteAllUsers}>
    Delete All Users
  </button>
)}

Secure Code

// API route — auth check on the server
// req.auth is populated by the server's own session/token verification, not by the client
app.delete('/api/users', async (req, res) => {
  if (req.auth.role !== 'admin') {
    return res.status(403).json({ error: 'Forbidden' });
  }
  await db.users.deleteMany();
  res.status(204).end();
});

Real-World Example

Snapchat's Find Friends feature (2014) had an insecure design that allowed attackers to enumerate all phone numbers by brute-forcing the API. 4.6 million usernames and phone numbers were leaked because the API had no rate limiting by design.

How to Prevent It

  • Always validate authorization on the server, never only in the frontend
  • Implement rate limiting on sensitive operations
  • Use threat modeling during the design phase
  • Apply defense in depth — multiple layers of security
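As an added example (not code from the original page), the two server-side controls from the list above, a role check and a rate limit on a sensitive operation such as password reset, written in plain Node.js with no framework: handlers take a request object and return {status, body}. The names RateLimiter, requireRole, handlePasswordReset and handleDeleteUsers, the in-memory Map standing in for db.users, and the 5-requests-per-15-minutes limit are assumptions.

```javascript
// Fixed-window rate limiter keyed by client (IP, account, or phone number).
class RateLimiter {
  constructor(maxRequests, windowMs, now = () => Date.now()) {
    this.max = maxRequests;
    this.windowMs = windowMs;
    this.now = now; // injectable clock so the behaviour can be tested deterministically
    this.buckets = new Map(); // key -> { windowStart, count }
  }

  // Returns true while the client is within the limit, false once it is exceeded.
  allow(key) {
    const t = this.now();
    const b = this.buckets.get(key);
    if (!b || t - b.windowStart >= this.windowMs) {
      this.buckets.set(key, { windowStart: t, count: 1 });
      return true;
    }
    b.count += 1;
    return b.count <= this.max;
  }
}

// Authorization is decided from req.auth, which the server fills in from its own
// session or token verification; nothing sent by the client is trusted for this.
function requireRole(role, handler) {
  return (req) => {
    if (!req.auth || req.auth.role !== role) {
      return { status: 403, body: { error: 'Forbidden' } };
    }
    return handler(req);
  };
}
// Password reset is rate limited per client IP so it cannot be retried without bound.
const resetLimiter = new RateLimiter(5, 15 * 60 * 1000); // 5 per 15 minutes (assumed)
function handlePasswordReset(req, limiter = resetLimiter) {
  if (!limiter.allow(req.ip)) {
    return { status: 429, body: { error: 'Too many requests' } };
  }
  // Lookup and email delivery would go here; the reply is the same either way so
  // the endpoint cannot be used to confirm which accounts exist.
  return { status: 202, body: { message: 'If the account exists, an email was sent' } };
}

// The page's secure route: the check lives on the server, so the frontend is irrelevant.
const handleDeleteUsers = requireRole('admin', (req) => {
  req.db.users.clear(); // req.db.users is a constructed in-memory Map standing in for db.users
  return { status: 204, body: null };
});
```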

Affected Technologies

Node.js, React, Next.js, Python, Go, Java, PHP

Data Hogo detects this vulnerability automatically.