Path Traversal Vulnerability
Description
The application dynamically constructs file or path information with user input, potentially allowing malicious actors to access, modify, or delete files they shouldn't have access to, leading to information disclosure, data loss, or server compromise.
Examples
Insecure Code
```ruby
# Insecure: the file name comes straight from the request, so "../" sequences
# or an absolute path let the caller choose any file the process can read.
File.open(params[:filename], 'r')
```

Secure Code

```ruby
def safe_file_read(filename)
  # Only names from this fixed allowlist are ever opened; the user value is
  # never used to build a path on its own.
  allowed_files = ['allowed_file.txt', 'another_safe_file.txt']
  if allowed_files.include?(filename)
    file_path = Rails.root.join('safe_directory', filename)
    content = File.read(file_path)
    return content
  else
    raise "Access to the requested file is not allowed."
  end
end
```

Remediation
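The allowlist above is the strongest option when the set of files is fixed. When it is not, the usual alternative is to canonicalize the requested name against a base directory and reject anything that resolves outside it. The following is an added example, not code from the original rule page; it uses temporary directories created at runtime in place of `Rails.root`, and the file names (`report.txt`, `secret.txt`, the `link` symlink) are constructed for the demonstration. It performs two checks: a lexical one after `File.expand_path` collapses `..` and absolute paths, and a physical one after `realpath` follows symlinks, since a symlink inside the base directory can otherwise point back out of it.

```ruby
require 'pathname'
require 'tmpdir'

# Constructed sandbox (not a real application path): a base directory holding
# one legitimate file, plus a second directory the app must never reach.
BASE_DIR    = Dir.mktmpdir('safe_directory')
OUTSIDE_DIR = Dir.mktmpdir('outside')
File.write(File.join(BASE_DIR, 'report.txt'), 'quarterly numbers')
File.write(File.join(OUTSIDE_DIR, 'secret.txt'), 'not for the web tier')
# A symlink inside the base that points outside it, to show why a prefix
# check on the unresolved path alone is not enough.
File.symlink(OUTSIDE_DIR, File.join(BASE_DIR, 'link'))

class PathTraversalError < StandardError; end

# Resolve +filename+ relative to +base_dir+ and return the canonical path,
# or raise PathTraversalError if the result would lie outside +base_dir+.
def resolve_safe_path(base_dir, filename)
  name = filename.to_s
  raise PathTraversalError, 'empty filename' if name.empty?
  raise PathTraversalError, 'NUL byte in filename' if name.include?("\0")
  raise PathTraversalError, 'home-directory expansion not allowed' if name.start_with?('~')

  base   = Pathname.new(base_dir).realpath.to_s
  prefix = base + File::SEPARATOR

  # Lexical check: expand_path collapses "..", and an absolute +name+
  # simply replaces +base+, so both cases fail the prefix test.
  candidate = File.expand_path(name, base)
  unless candidate.start_with?(prefix)
    raise PathTraversalError, "#{name.inspect} escapes #{base}"
  end

  # Physical check: follow symlinks so a link inside base cannot lead out.
  # A missing file raises Errno::ENOENT here, which is an ordinary not-found.
  real = Pathname.new(candidate).realpath.to_s
  unless real.start_with?(prefix)
    raise PathTraversalError, "#{name.inspect} resolves outside #{base}"
  end
  real
end

# Read a file by user-supplied name, confined to +base_dir+.
def safe_file_read(filename, base_dir = BASE_DIR)
  File.read(resolve_safe_path(base_dir, filename))
end

# True if +filename+ is refused as a traversal attempt (not-found errors propagate).
def rejected?(filename, base_dir = BASE_DIR)
  safe_file_read(filename, base_dir)
  false
rescue PathTraversalError
  true
end

if __FILE__ == $0
  puts safe_file_read('report.txt')
  ['../outside.txt', '/etc/passwd', 'link/secret.txt', "report.txt\0.png"].each do |n|
    puts "#{n.inspect}: #{rejected?(n) ? 'rejected' : 'allowed'}"
  end
end
```

The prefix comparison uses `base + File::SEPARATOR` rather than `base` alone so that a sibling directory such as `safe_directory_old` does not pass as a match. Serving files this way should still run under an account with read-only access to the base directory, in line with the least-privilege advice in the remediation.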
Validate and sanitize input, use secure libraries, apply the least privilege principle, and maintain a directory whitelist to prevent path traversal attacks.
Rule Details
| Field | Value |
|---|---|
| ID | CODE-0531 |
| Category | AccessControl |
| Severity | MEDIUM |
| CWE | CWE-22 |
| Confidence | HIGH |
| Impact | HIGH |
| Likelihood | MEDIUM |
| Exploitability | EASY |
| Tags | Path Traversal, File Inclusion |
| OWASP | A5:2017-Broken Access Control, A01:2021-Broken Access Control |