Unvalidated user input used in file path
Description
User-controlled input is used to build a file path. If not properly sanitized, an attacker can perform path traversal using sequences like `../` to access unauthorized files on the server.
Examples
Insecure Code

```java
import java.io.File;

// userInput is taken directly from the request and concatenated into the path,
// so "../" sequences can escape /dir/ and reach arbitrary files.
File file = new File("/dir/" + userInput);
```

Secure Code

```java
import java.io.File;
import org.apache.commons.io.FilenameUtils;

// Keep only the last path component (Apache Commons IO), which discards any
// directory segments such as "../" before the name is joined to a fixed base.
String fileName = FilenameUtils.getName(userInput);
File file = new File("/fixed/dir/" + fileName);
```

Remediation
Use input validation or allowlists, and extract only the file name using a safe method such as `FilenameUtils.getName(userInput)`.
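The following added example (not part of the rule page or of any library) places the insecure concatenation beside a hardened resolver so the two can be compared on the same inputs. It assumes Apache Commons IO is on the classpath and a base directory of `/fixed/dir`; the canonical-path check after `getName` is an extra defense-in-depth step that goes beyond the remediation above.

```java
import java.io.File;
import java.io.IOException;
import org.apache.commons.io.FilenameUtils;

public class SafeFileResolver {
    // Base directory every resolved file must stay inside (assumed for this example).
    private static final File BASE_DIR = new File("/fixed/dir");

    // Insecure: user input is concatenated straight into the path, so "../" segments
    // walk out of BASE_DIR. Kept only to contrast with resolveSecure.
    static File resolveInsecure(String userInput) {
        return new File(BASE_DIR, userInput);
    }

    // Secure: keep only the final name component, reject empty or dot names, then
    // confirm the canonical path is still under BASE_DIR (catches symlinks as well).
    static File resolveSecure(String userInput) throws IOException {
        String fileName = FilenameUtils.getName(userInput);
        if (fileName == null || fileName.isEmpty()
                || ".".equals(fileName) || "..".equals(fileName)) {
            throw new IllegalArgumentException("rejected file name: " + userInput);
        }
        File candidate = new File(BASE_DIR, fileName);
        String basePath = BASE_DIR.getCanonicalPath() + File.separator;
        if (!candidate.getCanonicalPath().startsWith(basePath)) {
            throw new IllegalArgumentException("path escapes base directory: " + userInput);
        }
        return candidate;
    }

    public static void main(String[] args) throws IOException {
        // Constructed sample inputs: a benign name and a traversal attempt.
        String[] inputs = { "report.txt", "../../etc/passwd" };
        for (String input : inputs) {
            System.out.println("input: " + input);
            System.out.println("  insecure -> " + resolveInsecure(input).getPath());
            try {
                System.out.println("  secure   -> " + resolveSecure(input).getPath());
            } catch (IllegalArgumentException e) {
                System.out.println("  secure   -> rejected: " + e.getMessage());
            }
        }
    }
}
```

For the traversal input the insecure resolver yields `/fixed/dir/../../etc/passwd`, while the secure one reduces it to `passwd` under the base directory; the canonical check additionally rejects a name whose real location lies outside `/fixed/dir`.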
Rule Details
| Field | Value |
|---|---|
| ID | CODE-0645 |
| Category | Injection |
| Severity | CRITICAL |
| CWE | CWE-23 |
| Confidence | HIGH |
| Impact | HIGH |
| Likelihood | MEDIUM |
| Exploitability | EASY |
| Tags | path traversal, file inclusion |
| OWASP | A01:2021-Broken Access Control |