Overview
- Bug Type: Path traversal
- Category: Security
Definition
Manipulated paths (e.g., ../) escape the intended directory to access unintended files.
How to fix Path traversal?
Resolve the requested path to its canonical form and verify that it still lies under a fixed base directory; use safe file APIs; enforce allowlists; reject traversal sequences and their double-encoded variants.
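The fix steps above, worked through in Python as an added example (not code from this reference entry); the base directory, the extension allowlist and the function names are assumptions chosen for the illustration.

```python
import os
from urllib.parse import unquote

# Assumed deployment path for the example; realpath() follows symlinks if it exists.
BASE_DIR = os.path.realpath("/srv/app/public")
# Assumed allowlist of file types the handler is permitted to serve.
ALLOWED_SUFFIXES = (".html", ".css", ".js", ".png")


class PathTraversalError(ValueError):
    """Raised when a request path would escape BASE_DIR or fails the allowlist."""


def resolve_request_path(requested: str, base_dir: str = BASE_DIR) -> str:
    """Map an untrusted request path onto a file under base_dir.

    1. Percent-decode exactly once; a '%' that survives means the client
       double-encoded the path, which is rejected outright.
    2. Reject NUL bytes and explicit '..' segments early, so the attempt is
       visible as an error rather than silently normalised away.
    3. Join with the base, canonicalise with realpath() (resolves '..' and
       symlinks) and verify the result is still inside base_dir.
    4. Enforce the extension allowlist on the final path.
    Returns the canonical absolute path; raises PathTraversalError otherwise.
    """
    decoded = unquote(requested)
    if "%" in decoded:
        raise PathTraversalError("double-encoded path rejected")
    if "\x00" in decoded:
        raise PathTraversalError("NUL byte in path rejected")
    # Normalise separators so a backslash cannot smuggle a '..' segment past the check.
    if ".." in decoded.replace("\\", "/").split("/"):
        raise PathTraversalError("traversal sequence rejected")
    # A leading '/' is treated as relative to the web root, never to the filesystem root.
    candidate = os.path.realpath(os.path.join(base_dir, decoded.lstrip("/")))
    # commonpath() is the robust containment test: a plain startswith() would
    # wrongly accept /srv/app/public_secrets for base /srv/app/public.
    if os.path.commonpath([base_dir, candidate]) != base_dir:
        raise PathTraversalError("path escapes base directory")
    if not candidate.endswith(ALLOWED_SUFFIXES):
        raise PathTraversalError("file type not in allowlist")
    return candidate


def is_safe_request(requested: str, base_dir: str = BASE_DIR) -> bool:
    """Accept/deny wrapper for handlers that only need a boolean decision."""
    try:
        resolve_request_path(requested, base_dir)
        return True
    except PathTraversalError:
        return False
```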
Symptoms
Observable signs that may indicate Path traversal:
- Requests containing `../`, `%2e%2e/`, or similar sequences access unexpected files.
- Logs show attempts to reach `/etc/passwd`, `.env`, or config directories.
- A mismatch between the requested path and the file actually served, with the served file lying outside the web root.
Example Errors:
- File not found: ../../../../etc/passwd
- SecurityError: attempted relative import beyond toplevel package
- Access denied: path escapes base directory