Web Server Path Traversal
Impact: High
Description
When a web server fails to normalize and validate the ../
sequence properly, it enables attackers to access files outside the public web directory. This vulnerability can lead to reading sensitive system files like /etc/passwd
or application configurations files.
This issue might be because of a bug in the web server or the router application serving static files.
Recommendation
Make sure the web server is up to date. If you’re using a component for serving the static files update it as well. Finally, debug and trace your web application to find where the route is dispatched and use validation to prevent serving files outside of the intended path.
References
👉 You might also like:
Apache 2.4.49 Path Traversal and RCE - CVE-2021-41773, CVE-2021-42013
Apache and Express Path Traversal plus Nginx Restriction Bypass Tests with SmartScanner
Nginx Integer Overflow - CVE-2017-7529
The Heartbleed Bug - CVE-2014-0160
Last updated on October 10, 2021