Path Traversal in File Upload
Description
The filename provided by the FileUpload API can be tampered with, which could lead to unauthorized access or file inclusion vulnerabilities. To mitigate this risk, it is essential to conduct rigorous validation of the filenames provided by clients.
Examples
Insecure Code
```java
// The client-supplied name is taken as-is, with no validation
String fileName = filePart.getSubmittedFileName();
```
Secure Code
```java
// Validate the client-supplied name before it is used in any file path
String sanitizedFileName = sanitizeFileName(fileName);
if (!isFileNameAllowed(sanitizedFileName)) {
    throw new SecurityException("Invalid file name");
}
```
Remediation
Sanitize filenames by removing or replacing unauthorized characters, implement allowlist validation, use server-generated filenames, and verify file paths.
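The four remediation steps above combined in one place, as an added example that is not part of the original rule page. The bodies of `sanitizeFileName` and `isFileNameAllowed`, the `resolveTarget` helper, the extension allowlist and the `uploads` directory are assumptions chosen for illustration.

```java
import java.nio.file.Path;
import java.util.Locale;
import java.util.Set;
import java.util.UUID;
import java.util.regex.Pattern;

public class UploadNameCheck {
    // Assumed policy: letters, digits, '_' or '-' in the base name, then one allowlisted extension.
    private static final Pattern ALLOWED = Pattern.compile("[A-Za-z0-9_-]{1,64}\\.[A-Za-z0-9]{1,8}");
    private static final Set<String> EXTENSIONS = Set.of("png", "jpg", "pdf");

    // Drop any directory part, treating both '/' and '\' as separators.
    static String sanitizeFileName(String submitted) {
        if (submitted == null) return "";
        String name = submitted.replace('\\', '/');
        return name.substring(name.lastIndexOf('/') + 1).trim();
    }

    // Allowlist check: anything that does not match the pattern and extension set is refused.
    static boolean isFileNameAllowed(String name) {
        if (!ALLOWED.matcher(name).matches()) return false;
        String ext = name.substring(name.lastIndexOf('.') + 1).toLowerCase(Locale.ROOT);
        return EXTENSIONS.contains(ext);
    }

    // Store under a server-generated name; the client name only contributes its extension.
    static Path resolveTarget(Path uploadDir, String submitted) {
        String clean = sanitizeFileName(submitted);
        if (!isFileNameAllowed(clean)) throw new SecurityException("Invalid file name");
        String ext = clean.substring(clean.lastIndexOf('.') + 1).toLowerCase(Locale.ROOT);
        Path base = uploadDir.toAbsolutePath().normalize();
        Path target = base.resolve(UUID.randomUUID() + "." + ext).normalize();
        // Path verification, kept as a second check in case the naming scheme changes.
        if (!target.startsWith(base)) throw new SecurityException("Invalid file path");
        return target;
    }

    public static void main(String[] args) {
        Path dir = Path.of("uploads"); // assumed upload directory
        String[] samples = {"report.pdf", "../../etc/passwd", "..\\..\\web.xml", "shell.jsp", "a/b/photo.PNG", ".."}; // constructed inputs
        for (String s : samples) {
            try {
                System.out.println(s + " -> " + resolveTarget(dir, s).getFileName());
            } catch (SecurityException e) {
                System.out.println(s + " -> rejected: " + e.getMessage());
            }
        }
    }
}
```

Only `report.pdf` and `a/b/photo.PNG` are accepted, and both are stored under a random name, so no client-chosen path component reaches the filesystem.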
Rule Details
| Field | Value |
|---|---|
| ID | CODE-0703 |
| Category | AccessControl |
| Severity | HIGH |
| CWE | CWE-22 |
| Confidence | HIGH |
| Impact | HIGH |
| Likelihood | MEDIUM |
| Exploitability | EASY |
| Tags | Path Traversal, File Upload |
| OWASP | A5:2017-Broken Access Control, A01:2021-Broken Access Control |