Description
When a web server fails to properly normalize and validate the ../ sequence in URL paths, it enables attackers to access files outside the intended directory structure. This vulnerability can lead to reading sensitive system files such as /etc/passwd or application configuration files. The issue may arise due to bugs in the web server or the router application responsible for serving static files.
Recommendation
To mitigate this risk:
- Ensure the web server and any components used for serving static files are kept up to date to patch known vulnerabilities.
- Implement proper validation and sanitization mechanisms in your web application to prevent serving files outside of the intended path.
- Conduct thorough debugging and tracing of your web application’s route dispatching to identify and rectify potential vulnerabilities.
References
Related Issues
- Apache 2.4.49 Path Traversal and RCE - CVE-2021-41773, CVE-2021-42013
- Nginx Integer Overflow - CVE-2017-7529
- Apache mod_proxy 2.4.48 SSRF - CVE-2021-40438
- Apache Struts 2 RCE S2-045 - CVE-2017-5638
- Tags:
- Path Traversal
- NodeJs
- Express
- Web Server
Anything's wrong? Let us know Last updated on May 13, 2024