Elixir Send File Path Traversal

Description

This detector identifies path traversal vulnerabilities in Elixir applications where file sending functions receive unsanitized user input. Path traversal lets an attacker read files outside the intended directory by supplying relative path sequences such as "../" that resolve to sensitive system files or application data.

Weakness:

063 - Lack of data validation - Path Traversal

Category: Unexpected Injection

Detection Strategy

    The detector analyzes Elixir file sending operations (such as send_file functions) in the codebase

    It checks if the file path parameter in these operations can be traced back to user-controlled input sources

    A vulnerability is reported when user input flows to file sending functions without proper path sanitization or validation

    The detection focuses on cases where an attacker could manipulate the file path to read unauthorized files through directory traversal
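The four steps above describe a source-to-sink taint analysis: request parameters are the sources, send_file/3 is the sink, and a path check between them is the sanitizer. The script below is an added illustration of that strategy written for this page; it is not the detector's own implementation and it works on a deliberately simple, line-oriented model of Elixir rather than a real parser. It tracks variables assigned from conn.params (or pattern-matched in an action head), follows them through later assignments, treats String.starts_with? and Path.safe_relative as validating guards (a constructed allow-list), and reports send_file calls whose path argument is tainted and unguarded. The Elixir source it scans is constructed inline.

```python
import re

# Constructed sample: two vulnerable actions and one that validates the path.
SAMPLE = '''
defmodule VulnerableController do
  use Phoenix.Controller

  def download_file(conn, _params) do
    filename = conn.params["file"]
    send_file(conn, 200, filename)
  end

  def show(conn, %{"name" => name}) do
    send_file(conn, 200, Path.join("priv/static", name))
  end
end

defmodule SecureController do
  use Phoenix.Controller
  @base_dir "priv/static"

  def download_file(conn, _params) do
    filename = conn.params["file"]
    base = Path.expand(@base_dir)
    path = Path.expand(filename, base)
    if String.starts_with?(path, base <> "/") do
      send_file(conn, 200, path)
    else
      send_resp(conn, 403, "Forbidden")
    end
  end
end
'''

DEF_RE = re.compile(r'^(\s*)def\s+(\w+)\((.*)\)\s*do\s*$')
# "var = expr" but not "==" or "=>"
ASSIGN_RE = re.compile(r'^\s*(\w+)\s*=(?![=>])\s*(.+)$')
# send_file(conn, status, <path expression>) -- the sink; third argument captured
SEND_FILE_RE = re.compile(r'\bsend_file\(\s*\w+\s*,\s*[^,]+,\s*([^)]*)')
# Reads of request-controlled data (sources)
SOURCE_RE = re.compile(r'\b(?:conn\.params|conn\.query_params|conn\.body_params|params)\[')
# Variables bound from the params map in an action head: %{"file" => name}
HEAD_PARAM_RE = re.compile(r'=>\s*(\w+)')
# Heuristic allow-list of checks treated as path validation (assumption)
GUARD_RE = re.compile(r'String\.starts_with\?\(|Path\.safe_relative')


def iter_functions(source):
    """Yield (name, head_args, [(lineno, line), ...]) for every def in source.

    A function body ends at the first 'end' sitting at the def's own indent,
    so nested if/case blocks (indented deeper) stay inside the body."""
    lines = source.splitlines()
    i = 0
    while i < len(lines):
        m = DEF_RE.match(lines[i])
        if not m:
            i += 1
            continue
        indent, name, args = m.groups()
        body, j = [], i + 1
        while j < len(lines) and lines[j] != indent + "end":
            body.append((j + 1, lines[j]))
            j += 1
        yield name, args, body
        i = j + 1


def uses(var, text):
    """True when the identifier var appears as a whole word in text."""
    return re.search(rf'\b{re.escape(var)}\b', text) is not None


def find_path_traversal(source):
    """Return one finding per send_file whose path derives from user input
    and was not passed through a recognised guard first."""
    findings = []
    for name, args, body in iter_functions(source):
        tainted = set(HEAD_PARAM_RE.findall(args))   # params bound in the head
        guarded = set()
        for lineno, line in body:
            m = ASSIGN_RE.match(line)
            if m:
                var, expr = m.groups()
                # Taint propagates: reading a source, or any expression over a tainted var
                if SOURCE_RE.search(expr) or any(uses(t, expr) for t in tainted):
                    tainted.add(var)
            if GUARD_RE.search(line):
                guarded.update(t for t in tainted if uses(t, line))
            m = SEND_FILE_RE.search(line)
            if m:
                path_expr = m.group(1).strip()
                bad = [t for t in tainted if uses(t, path_expr) and t not in guarded]
                if bad:
                    findings.append({"function": name, "line": lineno,
                                     "path_expr": path_expr, "tainted": bad})
    return findings


if __name__ == "__main__":
    for f in find_path_traversal(SAMPLE):
        print(f"line {f['line']}: {f['function']} sends {f['path_expr']} "
              f"derived from {', '.join(f['tainted'])}")
```

Run against the sample, it flags download_file in VulnerableController and show (where the tainted name is only wrapped in Path.join, which does not stop traversal), and stays silent on SecureController because path reaches send_file only after the String.starts_with? guard. The guard allow-list is the weak point of any such detector: a check it does not recognise produces a false positive, and a recognised function used incorrectly (for example a starts_with? against an unexpanded prefix) produces a false negative, which is why real tools model sanitizers more precisely than a regex.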

Vulnerable code example

defmodule VulnerableController do
  import Plug.Conn
  use Phoenix.Controller

  # Phoenix invokes actions as action(conn, params)
  def download_file(conn, _params) do
    filename = conn.params["file"]

    # VULNERABLE: user-controlled filename passed straight to send_file; a value
    # containing "../" sequences resolves to a file outside the intended directory
    send_file(conn, 200, filename)
  end
end

✅ Secure code example

defmodule SecureController do
  import Plug.Conn
  use Phoenix.Controller

  @base_dir "priv/static"

  def download_file(conn, _params) do
    filename = conn.params["file"]
    # Resolve the request against the base directory, then require the absolute
    # result to remain inside it; "../" and absolute paths both fail the check
    base = Path.expand(@base_dir)
    path = Path.expand(filename, base)
    if String.starts_with?(path, base <> "/") do
      send_file(conn, 200, path)
    else
      send_resp(conn, 403, "Forbidden")
    end
  end
end