Untrusted user input in readFile()/readFileSync() can lead to directory traversal attacks
Description
This application is using untrusted user input with the readFile() and readFileSync() functions. This can lead to directory traversal attacks, as reading files with untrusted input enables arbitrary file access. An attacker could craft malicious input that traverses the file system and exposes sensitive files.
Examples
Insecure Code

```javascript
const fs = require('fs');

// Untrusted input is used directly as the path, so '../' segments or an
// absolute path let the caller read any file the process can access.
fs.readFile(userInput, (err, data) => {...})
```

Secure Code

```javascript
const fs = require('fs');

// Anchor the read to a known directory and only use input that has already
// been sanitized (no path separators or '..' segments) for the file name.
var fileName = config.dirName + '/' + sanitizedInput;
fs.readFile(fileName, (err, data) => {...})
```

Remediation
Sanitize and validate all user input before passing it to readFile() or readFileSync() to prevent unwanted file reads.
Rule Details
| Field | Value |
|---|---|
| ID | CODE-0419 |
| Category | Injection |
| Severity | MEDIUM |
| CWE | CWE-23 |
| Confidence | HIGH |
| Impact | HIGH |
| Likelihood | MEDIUM |
| Exploitability | EASY |
| Tags | directory traversal, path traversal |
| OWASP | A5:2017-Broken Access Control, A01:2021-Broken Access Control |