/Code Review/Path Traversal in File Read

Path Traversal in File Read

Directory traversal vulnerability allowing unauthorized file access through path manipulation.

HIGHEasy

Vulnerable Codepython

1import os
2
3def read_user_file(filename):
4    # Read files from user uploads directory
5    base_dir = '/var/www/uploads'
6    file_path = os.path.join(base_dir, filename)
7    
8    with open(file_path, 'r') as f:
9        return f.read()

Understanding the Issue

The vulnerable code directly concatenates user input to the base directory without validation. Attackers can use ../ sequences to escape the intended directory. The secure version resolves paths and validates they remain within the base directory.

Read /etc/passwd

Use directory traversal to escape uploads folder

Malicious Input

../../etc/passwd

Impact

Reads /etc/passwd instead of files in uploads

Technical Details

Vulnerability Type: Path Traversal
Severity: HIGH
Language: Python
CWE: CWE-22
OWASP: A01:2021 – Broken Access Control

Path Traversal in File Read

Understanding the Issue

How Attackers Exploit This

Read /etc/passwd

Finding the Vulnerability(3 hints)

Technical Details

Path Traversal in File Read

Understanding the Issue

How Attackers Exploit This

Read /etc/passwd

Finding the Vulnerability(3 hints)

Technical Details