Windows Path Disclosure
Impact: Informational
Description
File and directory paths reveal information about the structure of the file system of the underlying OS. This information does not create any direct impact on the target, though it provides valuable information attackers can use in their attack. Attackers can leverage disclosed paths to gain insights into the system’s configuration and potentially identify additional attack vectors.
Recommendation
If it’s not displayed intentionally, fix the reason causing the disclosure and make sure the path is not revealed due to errors and misconfigurations. Implement access controls and input validation to prevent unintended disclosure of sensitive information.
References
👉 You might also like:
Unix Path Disclosure - Vulnerability
Path Disclosure in Robots.txt - Vulnerability
Apache Version Disclosure - Vulnerability
Arbitrary Source Code Disclosure - Vulnerability
Last updated on May 13, 2024