Web Server Path Traversal

Impact: High


When a web server fails to properly normalize and validate the ../ sequence in URL paths, it enables attackers to access files outside the intended directory structure. This vulnerability can lead to reading sensitive system files such as /etc/passwd or application configuration files. The issue may arise due to bugs in the web server or the router application responsible for serving static files.


To mitigate this risk:


Last updated on May 13, 2024

This issue is available in SmartScanner Professional

See Pricing