
063 Lack of data validation - Path Traversal


Description

The software uses external input to construct a pathname that is intended to identify a file or directory but it does not properly neutralize or validate special elements within the pathname.


Impact

Make the software resolve the pathname to a location that is outside of the intended target, for instance: /etc/passwd.


Recommendation

- Prevent the attacker from constructing the pathname.
- Validate/Neutralize the input for special elements like: .., ~, /.
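
The recommendation above, as an added example that is not part of the original page: a Python sketch contrasting an unchecked join with a check that resolves the path and confirms it stays under the intended directory. The function names, the `uploads` directory and the sample inputs are constructed for illustration.

```python
import os
import tempfile
from pathlib import Path


def resolve_unsafe(base: Path, user_path: str) -> Path:
    """Vulnerable pattern: external input is joined into the pathname unchecked."""
    return Path(os.path.normpath(os.path.join(base, user_path)))


def resolve_safe(base: Path, user_path: str) -> Path:
    """Return the resolved path only if it stays inside base, else raise ValueError."""
    base_real = base.resolve(strict=True)
    # resolve() collapses ".." and follows symlinks; an absolute user_path
    # replaces base entirely, which the containment check below catches.
    # "~" is never expanded because expanduser() is not called.
    candidate = (base_real / user_path).resolve()
    try:
        candidate.relative_to(base_real)
    except ValueError:
        raise ValueError(f"path escapes base directory: {user_path!r}") from None
    return candidate


def demo() -> dict:
    """Build a constructed directory tree and classify sample inputs."""
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp).resolve()
        base = root / "uploads"
        base.mkdir()
        (base / "report.txt").write_text("ok")
        (root / "secret.txt").write_text("outside the intended directory")
        os.symlink(root, base / "link")  # symlink inside base pointing outside
        for p in ["report.txt", "../secret.txt", "/etc/passwd", "link/secret.txt"]:
            try:
                resolve_safe(base, p)
                results[p] = "allowed"
            except ValueError:
                results[p] = "rejected"
        escaped = resolve_unsafe(base, "../secret.txt")
        results["unsafe"] = str(escaped.relative_to(root))
    return results


if __name__ == "__main__":
    for name, verdict in demo().items():
        print(f"{name!r}: {verdict}")
```

Checking containment after resolution, rather than filtering substrings such as `..`, also covers the symlink case, which character-level validation alone does not catch.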


Threat

Authenticated attacker from the Internet.


Expected Remediation Time

45 minutes.


Score 4.0

Default score using CVSS 4.0. It may change depending on the context of the src.

Base 4.0

  • Attack vector: N
  • Attack complexity: L
  • Attack Requirements: N
  • Privileges required: N
  • User interaction: N
  • Confidentiality (VC): L
  • Integrity (VI): N
  • Availability (VA): N
  • Confidentiality (SC): N
  • Integrity (SI): N
  • Availability (SA): N

Threat 4.0

  • Exploit maturity: P

Requirements


Fixes


Last updated

2024/02/09