Elixir Write Path Traversal
Description
This detector identifies path traversal vulnerabilities in Elixir file write operations. It finds cases where user-controlled input flows to file system write functions without proper sanitization, allowing attackers to write files outside intended directories by using relative path sequences like "../".
Detection Strategy
• Identifies function calls that perform file write operations (matching known file sink patterns)
• Extracts the destination parameter from the file write function call
• Traces data flow from the destination parameter backwards to determine if it originates from user input
• Reports a vulnerability when user-controlled data reaches a file write operation without proper path sanitization
Vulnerable code example

```elixir
defmodule PathTraversalController do
  import Plug.Conn

  def vulnerable_write(conn) do
    filename = conn.params["filename"]
    # VULNERABLE: User-controlled filename reaches File.write!/2 without path validation
    File.write!("uploads/" <> filename, "content")
    send_resp(conn, 200, "written")
  end
end
```

✅ Secure code example

```elixir
defmodule PathTraversalController do
  import Plug.Conn
  @base_dir "uploads"

  def vulnerable_write(conn) do
    filename = conn.params["filename"]
    ...
```
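The secure example above is cut off before its path check. The module below is an added example (not Fluid Attacks' or the page's own code) showing one way to implement that check: the filename is resolved with Path.expand/2 against the base directory and the write is refused unless the result stays under that directory. The module and function names are hypothetical, and Plug is assumed to be available for the response helpers.

```elixir
defmodule SafeUpload do
  # Added example, not the page's code. Resolves a user-supplied filename against a
  # fixed base directory and refuses any path that escapes it.
  @base_dir "uploads"

  # Returns {:ok, absolute_path} when the resolved path stays inside base_dir and
  # {:error, :path_traversal} otherwise. Path.expand/2 collapses "." and ".."
  # segments and ignores base_dir when the input is already absolute, so the single
  # prefix check below rejects "../x", "sub/../../x" and "/etc/passwd" alike.
  # Path.join/2 would NOT do this: it concatenates without normalising.
  # The trailing "/" on the prefix stops "uploads2/..." from passing as "uploads".
  def resolve(filename, base_dir \\ @base_dir)

  def resolve(filename, base_dir) when is_binary(filename) do
    base = Path.expand(base_dir)
    target = Path.expand(filename, base_dir)

    if String.starts_with?(target, base <> "/") do
      {:ok, target}
    else
      {:error, :path_traversal}
    end
  end

  # A missing or non-string parameter is rejected instead of crashing the handler.
  def resolve(_filename, _base_dir), do: {:error, :invalid_filename}

  # Plug handler (hypothetical): the write happens only after the check passes.
  # Caveat: the check is lexical; a symlink inside base_dir that points elsewhere
  # is not detected, so the upload directory must not contain user-created links.
  def write(conn, contents) do
    case resolve(conn.params["filename"]) do
      {:ok, path} ->
        File.write!(path, contents)
        Plug.Conn.send_resp(conn, 201, "stored")

      {:error, _reason} ->
        Plug.Conn.send_resp(conn, 400, "invalid filename")
    end
  end
end

# Constructed inputs; each match raises MatchError if the check misbehaves.
{:ok, _} = SafeUpload.resolve("report.txt")
{:error, :path_traversal} = SafeUpload.resolve("../../etc/passwd")
{:error, :path_traversal} = SafeUpload.resolve("sub/../../escape.txt")
{:error, :path_traversal} = SafeUpload.resolve("/etc/passwd")
{:error, :invalid_filename} = SafeUpload.resolve(nil)
```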