CAPEC-126 - Path Traversal

An adversary uses path manipulation methods to exploit insufficient input validation of a target to obtain access to data that should not be retrievable by ordinary well-formed requests. A typical variety of this attack involves specifying a path to a desired file together with dot-dot-slash characters, resulting in the file access API or function traversing out of the intended directory structure and into the root file system. By replacing or modifying the expected path information, the access function or API retrieves the file desired by the attacker. These attacks either involve the attacker providing a complete path to a targeted file or using control characters (e.g. path separators (/ or \) and/or dots (.)) to reach desired directories or files.
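The mitigation the description implies is canonicalising the requested path and confirming it still lies inside the intended directory before any file API touches it. The following is an added example, not part of the CAPEC entry: a small Python resolver that decodes the request, rejects absolute paths, normalises both separator styles and dot-dot segments, and then checks containment with a common-prefix comparison on whole path components (a plain string `startswith` would wrongly accept a sibling directory such as `publicfoo`). The base directory `/srv/app/public` and the sample requests are constructed for illustration.

```python
import posixpath
from urllib.parse import unquote

# Constructed base directory the application is allowed to serve from (assumption).
BASE_DIR = "/srv/app/public"


def resolve_safe_path(base_dir: str, requested: str) -> str:
    """Map a user-supplied relative path onto base_dir and refuse anything that
    escapes it. Returns the canonical path on success, raises ValueError otherwise."""
    # Decode percent-encoding first so that %2e%2e%2f is checked as "../", not as
    # an opaque string. Apply the decode once; the check runs on the decoded form.
    decoded = unquote(requested)

    # A NUL byte can truncate the path inside C-based file APIs; never pass it on.
    if "\x00" in decoded:
        raise ValueError("NUL byte in path rejected")

    # Normalise separators: many platforms and APIs accept "\" as well as "/".
    normalised = decoded.replace("\\", "/")

    # A "complete path" (absolute) would bypass the base directory entirely.
    if not normalised or posixpath.isabs(normalised):
        raise ValueError("empty or absolute path rejected")

    base = posixpath.normpath(base_dir)
    # normpath collapses "." and ".." lexically, so "docs/../x" becomes "x" and
    # "../../etc/passwd" climbs above base in the resulting canonical string.
    candidate = posixpath.normpath(posixpath.join(base, normalised))

    # commonpath works on whole components: base vs /srv/app/publicfoo/x yields
    # /srv/app, not base, so sibling-directory escapes are caught as well.
    if posixpath.commonpath([base, candidate]) != base:
        raise ValueError(f"path traversal rejected: {requested!r}")
    return candidate


def is_safe_request(base_dir: str, requested: str) -> bool:
    """Boolean wrapper suitable for a request filter or detection rule."""
    try:
        resolve_safe_path(base_dir, requested)
        return True
    except ValueError:
        return False


# Constructed sample requests: the kinds of input the description above names.
SAMPLE_REQUESTS = [
    "index.html",                      # ordinary well-formed request
    "docs/../index.html",              # dot-dot that stays inside the base
    "../../etc/passwd",                # dot-dot-slash climbing to the root
    "..\\..\\windows\\win.ini",        # backslash separators
    "%2e%2e/%2e%2e/etc/passwd",        # percent-encoded dot-dot
    "/etc/passwd",                     # complete absolute path
    "../publicfoo/secret.txt",         # sibling directory sharing a prefix
    "report.txt\x00.pdf",              # NUL-byte truncation attempt
]


def classify_requests(base_dir: str = BASE_DIR) -> dict:
    """Return {request: resolved_path_or_None} for the constructed samples."""
    return {
        req: (resolve_safe_path(base_dir, req) if is_safe_request(base_dir, req) else None)
        for req in SAMPLE_REQUESTS
    }


if __name__ == "__main__":
    for req, result in classify_requests().items():
        print(f"{req!r:36} -> {'ALLOW ' + result if result else 'REJECT'}")
```

The check is lexical, so it does not follow symbolic links; a deployment that allows symlinks under the served directory needs an additional realpath-based containment check after this one.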

Severity

Likelihood

Confidentiality

Integrity

Availability

The attacker must be able to control the path that is requested of the target.

The target must fail to adequately sanitize incoming paths.

The ability to manually manipulate path information either directly through a client application relative to the service or application or via a proxy application.