Common Weakness Enumeration

CWE-22

Allowed-with-Review

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Abstraction: Base · Status: Stable

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

13064 vulnerabilities reference this CWE, most recent first.

GHSA-3636-H3VX-6465

Vulnerability from github – Published: 2026-05-12 22:22 – Updated: 2026-06-09 01:59
VLAI
Summary
esm.sh: Legacy Route Path Traversal Can Lead to RCE
Details

Impact

  • Arbitrary File Write – An attacker can cause the server to write data to any file path it has write permission for.
  • Privilege Escalation / RCE – By overwriting critical binaries or scripts, the attacker can execute arbitrary code with the server’s privileges.

Exploit

The legacy router first retrieves a response from legacyServer, parses the incoming request path, and ultimately writes the data to storage via buildStorage.Put
(see https://github.com/esm-dev/esm.sh/blob/4312ae93e518121e764a18bb521af12e490ef137/server/legacy_router.go#L291).

For a URL such as:

http://ESM_SH_HOST/v111/react@19.2.0/esnext/..%2f..%2f..%2fgh/<attacker>/exp@1171e85d5d/foo.md%23%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2ftmp%2fpwned

the router concatenates the path components without sanitizing them, producing a storage key like:

legacy/v111/react@19.2.0/esnext/../../../gh/<attacker>/exp@1171e85d5d/foo.md#/../../../../../../../../../../tmp/pwned

When this key is used, the underlying file system resolves the relative segments and writes the file to /tmp/pwned. Thus an attacker can craft a request that writes data to arbitrary locations on the server.

Details

  1. URL Construction
    A crafted request is sent to the server: http://ESM_SH_HOST/v111/react@19.2.0/esnext/..%2f..%2f..%2fgh/<attacker>/exp@1171e85d5d/foo.md%23%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2ftmp%2fpwned

  2. Proxy to Legacy Server
    The request is forwarded to: http://legacy.esm.sh/v111/react@19.2.0/esnext/../../../gh/<attacker>/exp@1171e85d5d/foo.md#/../../../../../../../tmp/pwned which resolves to: http://legacy.esm.sh/gh/<attacker>/exp@1171e85d5d/foo.md

  3. File Retrieval
    The server fetches foo.md from the GitHub repository https://github.com/<attacker>/exp.

  4. Path Normalisation & Storage
    The storage path derived from the request is: legacy/v111/react@19.2.0/esnext/../../../gh/<attacker>/exp@1171e85d5d/foo.md#/../../../../../../../../../../tmp/pwned Normalising this path yields /tmp/pwned. The retrieved file content is then written to that location.

  5. Result
    By repeating this pattern, an attacker can overwrite arbitrary binaries or scripts on the server, paving the way for remote code execution.

Credit Discovery To

splitline (@_splitline_) from DEVCORE Research Team

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/esm-dev/esm.sh"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.0.0-20260508100112-1960055e1d53"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-44593"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-22"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-05-12T22:22:39Z",
    "nvd_published_at": "2026-05-28T16:16:24Z",
    "severity": "HIGH"
  },
  "details": "### Impact\n- Arbitrary File Write \u2013 An attacker can cause the server to write data to any file path it has write permission for.\n- Privilege Escalation / RCE \u2013 By overwriting critical binaries or scripts, the attacker can execute arbitrary code with the server\u2019s privileges.\n\n### Exploit\n\nThe legacy router first retrieves a response from `legacyServer`, parses the incoming request path, and ultimately writes the data to storage via `buildStorage.Put`  \n(see \u003chttps://github.com/esm-dev/esm.sh/blob/4312ae93e518121e764a18bb521af12e490ef137/server/legacy_router.go#L291\u003e).\n\nFor a URL such as:\n\n```\nhttp://ESM_SH_HOST/v111/react@19.2.0/esnext/..%2f..%2f..%2fgh/\u003cattacker\u003e/exp@1171e85d5d/foo.md%23%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2ftmp%2fpwned\n```\n\nthe router concatenates the path components without sanitizing them, producing a storage key like:\n\n```\nlegacy/v111/react@19.2.0/esnext/../../../gh/\u003cattacker\u003e/exp@1171e85d5d/foo.md#/../../../../../../../../../../tmp/pwned\n```\n\nWhen this key is used, the underlying file system resolves the relative segments and writes the file to `/tmp/pwned`. Thus an attacker can craft a request that writes data to arbitrary locations on the server.\n\n\n### Details\n\n1. **URL Construction**  \n   A crafted request is sent to the server:\n   ```\n   http://ESM_SH_HOST/v111/react@19.2.0/esnext/..%2f..%2f..%2fgh/\u003cattacker\u003e/exp@1171e85d5d/foo.md%23%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2ftmp%2fpwned\n   ```\n\n2. **Proxy to Legacy Server**  \n   The request is forwarded to:\n   ```\n   http://legacy.esm.sh/v111/react@19.2.0/esnext/../../../gh/\u003cattacker\u003e/exp@1171e85d5d/foo.md#/../../../../../../../tmp/pwned\n   ```\n   which resolves to:\n   ```\n   http://legacy.esm.sh/gh/\u003cattacker\u003e/exp@1171e85d5d/foo.md\n   ```\n\n3. **File Retrieval**  \n   The server fetches `foo.md` from the GitHub repository `https://github.com/\u003cattacker\u003e/exp`.\n\n4. **Path Normalisation \u0026 Storage**  \n   The storage path derived from the request is:\n   ```\n   legacy/v111/react@19.2.0/esnext/../../../gh/\u003cattacker\u003e/exp@1171e85d5d/foo.md#/../../../../../../../../../../tmp/pwned\n   ```\n   Normalising this path yields `/tmp/pwned`. The retrieved file content is then written to that location.\n\n5. **Result**  \n   By repeating this pattern, an attacker can overwrite arbitrary binaries or scripts on the server, paving the way for remote code execution.\n\n\n### Credit Discovery To\nsplitline (@\\_splitline\\_) from DEVCORE Research Team",
  "id": "GHSA-3636-h3vx-6465",
  "modified": "2026-06-09T01:59:36Z",
  "published": "2026-05-12T22:22:39Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/esm-dev/esm.sh/security/advisories/GHSA-3636-h3vx-6465"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44593"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/esm-dev/esm.sh"
    },
    {
      "type": "WEB",
      "url": "https://github.com/esm-dev/esm.sh/releases/tag/v137_3"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "esm.sh: Legacy Route Path Traversal Can Lead to RCE"
}

GHSA-363J-W49V-CJ57

Vulnerability from github – Published: 2022-05-14 02:53 – Updated: 2022-05-14 02:53
VLAI
Details

Directory traversal vulnerability in the File Manager component in DevExpress ASPxFileManager Control for ASP.NET WebForms and MVC before 13.1.10 and 13.2.x before 13.2.9 allows remote authenticated users to read or write arbitrary files via a .. (dot dot) in the __EVENTARGUMENT parameter.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2014-2575"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-22"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2014-06-06T14:55:00Z",
    "severity": "MODERATE"
  },
  "details": "Directory traversal vulnerability in the File Manager component in DevExpress ASPxFileManager Control for ASP.NET WebForms and MVC before 13.1.10 and 13.2.x before 13.2.9 allows remote authenticated users to read or write arbitrary files via a .. (dot dot) in the __EVENTARGUMENT parameter.",
  "id": "GHSA-363j-w49v-cj57",
  "modified": "2022-05-14T02:53:07Z",
  "published": "2022-05-14T02:53:07Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-2575"
    },
    {
      "type": "WEB",
      "url": "https://www.redteam-pentesting.de/en/advisories/rt-sa-2014-006/-directory-traversal-in-devexpress-asp-net-file-manager"
    },
    {
      "type": "WEB",
      "url": "http://osvdb.org/show/osvdb/107742"
    },
    {
      "type": "WEB",
      "url": "http://packetstormsecurity.com/files/126953/DevExpress-ASP.NET-File-Manager-13.2.8-Directory-Traversal.html"
    },
    {
      "type": "WEB",
      "url": "http://seclists.org/fulldisclosure/2014/Jun/24"
    },
    {
      "type": "WEB",
      "url": "http://security.devexpress.com/de7c4756/?id=ff8c1703126f4717993ac3608a65a2e2"
    },
    {
      "type": "WEB",
      "url": "http://www.exploit-db.com/exploits/33700"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/532304/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/67902"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-364Q-W7VH-VHPC

Vulnerability from github – Published: 2026-03-11 00:09 – Updated: 2026-03-11 05:46
VLAI
Summary
OliveTin's unsafe parsing of UniqueTrackingId can be used to write files
Details

When the saveLogs feature is enabled, OliveTin persists execution log entries to disk. The filename used for these log files is constructed in part from the user-supplied UniqueTrackingId field in the StartAction API request. This value is not validated or sanitized before being used in a file path, allowing an attacker to use directory traversal sequences (e.g., ../../../) to write files to arbitrary locations on the filesystem.

Affected Code

Entry point — service/internal/api/api.go (line 130):

The UniqueTrackingId from the API request is passed directly to the executor without validation:

execReq := executor.ExecutionRequest{
    Binding:    pair,
    TrackingID: req.Msg.UniqueTrackingId, // user-controlled, no validation
    // ...
}

Tracking ID accepted as-is — service/internal/executor/executor.go (lines 508–512):

The tracking ID is only replaced with a UUID if it is empty or a duplicate. Any other string, including one containing path separators, is accepted:

_, isDuplicate := e.GetLog(req.TrackingID)

if isDuplicate || req.TrackingID == "" {
    req.TrackingID = uuid.NewString()
}

Filename construction — service/internal/executor/executor.go (line 1042):

The tracking ID is interpolated directly into the log filename:

filename := fmt.Sprintf("%v.%v.%v",
    req.logEntry.ActionTitle,
    req.logEntry.DatetimeStarted.Unix(),
    req.logEntry.ExecutionTrackingID,
)

File write — service/internal/executor/executor.go (lines 1068–1069 and 1082–1083):

The filename is joined to the configured log directory using path.Join, which calls path.Clean internally. path.Clean resolves .. path segments, causing the final file path to escape the intended directory:

// Results file (.yaml)
filepath := path.Join(dir, filename+".yaml")
err = os.WriteFile(filepath, data, 0600)

// Output file (.log)
filepath := path.Join(dir, filename+".log")
err := os.WriteFile(filepath, []byte(data), 0600)

Proof of Concept

An attacker sends the following StartAction request (Connect RPC or REST):

{
  "bindingId": "<any-executable-action-id>",
  "uniqueTrackingId": "../../../tmp/pwned"
}

Assuming the action title is Ping the Internet and the timestamp is 1741320000, the constructed filename becomes:

Ping the Internet.1741320000.../../../tmp/pwned

When path.Join processes this with a configured results directory like /var/olivetin/logs:

path.Join("/var/olivetin/logs", "Ping the Internet.1741320000.../../../tmp/pwned.yaml")

path.Clean resolves the traversal:

  1. Path segments: ["var", "olivetin", "logs", "Ping the Internet.1741320000...", "..", "..", "..", "tmp", "pwned.yaml"]
  2. The .. segments traverse upward past the log directory.
  3. Final resolved path: /tmp/pwned.yaml

Two files are written:

  • .yaml file — contains YAML-serialized InternalLogEntry (action title, icon, timestamps, exit code, output, tags, username, tracking ID)
  • .log file — contains the raw command output (potentially attacker-influenced if the action echoes its arguments)

Impact

  • Arbitrary file write to any path writable by the OliveTin process.
  • OliveTin frequently runs as root inside Docker containers, so the writable scope is often the entire filesystem.
  • An attacker could:
  • Overwrite OliveTin's own sessions.yaml to inject authenticated sessions.
  • Write to entity file directories to inject malicious entity data.
  • Write to system cron directories or other locations to achieve remote code execution.
  • Cause denial of service by overwriting critical system files.

Suggested Fix

Validate the UniqueTrackingId to ensure it only contains safe characters before use. A strict UUID format check is the simplest approach:

import "regexp"

var validTrackingID = regexp.MustCompile(`^[a-fA-F0-9\-]+$`)

// In ExecRequest, before accepting the user-supplied ID:
if req.TrackingID == "" || !validTrackingID.MatchString(req.TrackingID) {
    req.TrackingID = uuid.NewString()
}

Alternatively, sanitize the filename in stepSaveLog by stripping or rejecting path separators and .. sequences.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/OliveTin/OliveTin"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.0.0-20260309102040-b03af0e2eca3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-31817"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-22"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-03-11T00:09:41Z",
    "nvd_published_at": "2026-03-10T22:16:19Z",
    "severity": "HIGH"
  },
  "details": "When the `saveLogs` feature is enabled, OliveTin persists execution log entries to disk. The filename used for these log files is constructed in part from the user-supplied `UniqueTrackingId` field in the `StartAction` API request. This value is not validated or sanitized before being used in a file path, allowing an attacker to use directory traversal sequences (e.g., `../../../`) to write files to arbitrary locations on the filesystem.\n### Affected Code\n\n**Entry point \u2014 `service/internal/api/api.go` (line 130):**\n\nThe `UniqueTrackingId` from the API request is passed directly to the executor without validation:\n\n```go\nexecReq := executor.ExecutionRequest{\n    Binding:    pair,\n    TrackingID: req.Msg.UniqueTrackingId, // user-controlled, no validation\n    // ...\n}\n```\n\n**Tracking ID accepted as-is \u2014 `service/internal/executor/executor.go` (lines 508\u2013512):**\n\nThe tracking ID is only replaced with a UUID if it is empty or a duplicate. Any other string, including one containing path separators, is accepted:\n\n```go\n_, isDuplicate := e.GetLog(req.TrackingID)\n\nif isDuplicate || req.TrackingID == \"\" {\n    req.TrackingID = uuid.NewString()\n}\n```\n\n**Filename construction \u2014 `service/internal/executor/executor.go` (line 1042):**\n\nThe tracking ID is interpolated directly into the log filename:\n\n```go\nfilename := fmt.Sprintf(\"%v.%v.%v\",\n    req.logEntry.ActionTitle,\n    req.logEntry.DatetimeStarted.Unix(),\n    req.logEntry.ExecutionTrackingID,\n)\n```\n\n**File write \u2014 `service/internal/executor/executor.go` (lines 1068\u20131069 and 1082\u20131083):**\n\nThe filename is joined to the configured log directory using `path.Join`, which calls `path.Clean` internally. `path.Clean` resolves `..` path segments, causing the final file path to escape the intended directory:\n\n```go\n// Results file (.yaml)\nfilepath := path.Join(dir, filename+\".yaml\")\nerr = os.WriteFile(filepath, data, 0600)\n\n// Output file (.log)\nfilepath := path.Join(dir, filename+\".log\")\nerr := os.WriteFile(filepath, []byte(data), 0600)\n```\n\n### Proof of Concept\n\nAn attacker sends the following `StartAction` request (Connect RPC or REST):\n\n```json\n{\n  \"bindingId\": \"\u003cany-executable-action-id\u003e\",\n  \"uniqueTrackingId\": \"../../../tmp/pwned\"\n}\n```\n\nAssuming the action title is `Ping the Internet` and the timestamp is `1741320000`, the constructed filename becomes:\n\n```\nPing the Internet.1741320000.../../../tmp/pwned\n```\n\nWhen `path.Join` processes this with a configured results directory like `/var/olivetin/logs`:\n\n```\npath.Join(\"/var/olivetin/logs\", \"Ping the Internet.1741320000.../../../tmp/pwned.yaml\")\n```\n\n`path.Clean` resolves the traversal:\n\n1. Path segments: `[\"var\", \"olivetin\", \"logs\", \"Ping the Internet.1741320000...\", \"..\", \"..\", \"..\", \"tmp\", \"pwned.yaml\"]`\n2. The `..` segments traverse upward past the log directory.\n3. Final resolved path: `/tmp/pwned.yaml`\n\nTwo files are written:\n\n- **`.yaml` file** \u2014 contains YAML-serialized `InternalLogEntry` (action title, icon, timestamps, exit code, output, tags, username, tracking ID)\n- **`.log` file** \u2014 contains the raw command output (potentially attacker-influenced if the action echoes its arguments)\n\n### Impact\n\n- **Arbitrary file write** to any path writable by the OliveTin process.\n- OliveTin frequently runs as root inside Docker containers, so the writable scope is often the entire filesystem.\n- An attacker could:\n  - Overwrite OliveTin\u0027s own `sessions.yaml` to inject authenticated sessions.\n  - Write to entity file directories to inject malicious entity data.\n  - Write to system cron directories or other locations to achieve remote code execution.\n  - Cause denial of service by overwriting critical system files.\n\n### Suggested Fix\n\nValidate the `UniqueTrackingId` to ensure it only contains safe characters before use. A strict UUID format check is the simplest approach:\n\n```go\nimport \"regexp\"\n\nvar validTrackingID = regexp.MustCompile(`^[a-fA-F0-9\\-]+$`)\n\n// In ExecRequest, before accepting the user-supplied ID:\nif req.TrackingID == \"\" || !validTrackingID.MatchString(req.TrackingID) {\n    req.TrackingID = uuid.NewString()\n}\n```\n\nAlternatively, sanitize the filename in `stepSaveLog` by stripping or rejecting path separators and `..` sequences.",
  "id": "GHSA-364q-w7vh-vhpc",
  "modified": "2026-03-11T05:46:08Z",
  "published": "2026-03-11T00:09:41Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/OliveTin/OliveTin/security/advisories/GHSA-364q-w7vh-vhpc"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-31817"
    },
    {
      "type": "WEB",
      "url": "https://github.com/OliveTin/OliveTin/commit/2f77000de44f65690f257e3cf8e2c8462b0e74c7"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/OliveTin/OliveTin"
    },
    {
      "type": "WEB",
      "url": "https://github.com/OliveTin/OliveTin/releases/tag/3000.11.2"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:L",
      "type": "CVSS_V3"
    }
  ],
  "summary": "OliveTin\u0027s unsafe parsing of UniqueTrackingId can be used to write files"
}

GHSA-365M-RF96-QXH8

Vulnerability from github – Published: 2022-05-02 03:48 – Updated: 2022-05-02 03:48
VLAI
Details

Directory traversal vulnerability in Adobe Flash Media Server (FMS) before 3.5.3 allows attackers to load arbitrary DLL files via unspecified vectors.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2009-3792"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-22"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2009-12-21T16:30:00Z",
    "severity": "HIGH"
  },
  "details": "Directory traversal vulnerability in Adobe Flash Media Server (FMS) before 3.5.3 allows attackers to load arbitrary DLL files via unspecified vectors.",
  "id": "GHSA-365m-rf96-qxh8",
  "modified": "2022-05-02T03:48:32Z",
  "published": "2022-05-02T03:48:32Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3792"
    },
    {
      "type": "WEB",
      "url": "http://www.adobe.com/support/security/bulletins/apsb09-18.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/37420"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-365W-HQF6-VXFG

Vulnerability from github – Published: 2026-06-16 20:13 – Updated: 2026-06-24 13:05
VLAI
Summary
Crawl4AI: Multiple Docker API Vulnerabilities - File Write, SSRF, Auth Bypass, XSS, JS Execution
Details

Summary

Multiple security vulnerabilities in the Crawl4AI Docker API server affecting endpoints for crawling, markdown/LLM extraction, screenshots, PDFs, webhooks, monitoring, JavaScript execution, and configuration.

Vulnerabilities

1. Arbitrary File Write via /screenshot and /pdf (CWE-22, CVSS 9.1)

The output_path parameter accepts arbitrary filesystem paths with no validation. An attacker can overwrite server files (DoS) or write to any appuser-writable location.

Fix: Added validate_output_path() restricting writes to CRAWL4AI_OUTPUT_DIR (/tmp/crawl4ai-outputs by default). Added Pydantic field_validator rejecting .. traversal sequences.

2. SSRF via Webhook URL (CWE-918, CVSS 8.6)

Webhook URLs in /crawl/job and /llm/job accept internal/private IPs with no validation, enabling Server-Side Request Forgery against cloud metadata endpoints (169.254.169.254), internal services, and Docker networks.

Fix: Added validate_webhook_url() with blocklist for RFC 1918, loopback, link-local, cloud metadata IPs and hostnames. Validation at both job submission and send time. Explicit follow_redirects=False.

3. Authentication Bypass on Monitor Endpoints (CWE-306, CVSS 6.5)

The monitor router was mounted without token_dep dependency, making all monitoring endpoints (including destructive ones like /monitor/actions/cleanup) accessible without authentication.

Fix: Added dependencies=[Depends(token_dep)] to monitor router. Added explicit token check on WebSocket /monitor/ws endpoint.

4. Stored XSS in Monitor Dashboard (CWE-79, CVSS 6.1)

URLs and error messages rendered in the monitor dashboard via innerHTML without escaping, enabling stored XSS via crafted crawl URLs.

Fix: Server-side html.escape() on URL and error storage. Client-side escapeHtml() wrapper on all innerHTML template injections.

5. Arbitrary JavaScript Execution via /execute_js (CWE-94, CVSS 8.1)

The /execute_js endpoint accepts and executes arbitrary JavaScript in the server's browser with --disable-web-security enabled, combining arbitrary JS execution with SSRF capability.

Fix: Disabled by default via CRAWL4AI_EXECUTE_JS_ENABLED env var. Added SSRF blocklist on destination URL. Removed --disable-web-security from default browser args.

6. Hardcoded JWT Secret Key (CWE-798, CVSS 9.8)

The JWT signing key defaults to "mysecret" in the public source code, allowing anyone to forge valid authentication tokens.

Fix: Removed default value. Added startup validation rejecting weak/short secrets. Auto-generates ephemeral key when JWT enabled but no key set.

7. SSRF via Direct Crawl Endpoints /crawl, /md, /llm (CWE-918, CVSS 8.6)

The primary crawl entry points (/crawl, /crawl/stream, /md, /llm) fetch arbitrary user-supplied URLs with no destination validation, enabling Server-Side Request Forgery against internal services, Docker networks, and cloud metadata endpoints (169.254.169.254). A blocklist that only inspects the literal hostname is additionally bypassable via IPv6-mapped IPv4 addresses (e.g. [::ffff:169.254.169.254], [::ffff:10.0.0.1]), which resolve to the blocked private/metadata ranges but evade a naive string check.

Fix: Added URL destination validation on all crawl/md/llm entry points, reusing the SSRF blocklist (RFC 1918, loopback, link-local, cloud-metadata IPs and hostnames). IPv6-mapped IPv4 addresses are normalized to their IPv4 form before the blocklist check, closing the mapping bypass. raw:// URLs are skipped. Validation applies at request entry, not only at fetch time.

Workarounds

  1. Upgrade to the patched version (recommended)
  2. Set CRAWL4AI_API_TOKEN to enable authentication
  3. Set a strong SECRET_KEY (min 32 chars) if using JWT
  4. Restrict network access to the Docker API

Credits

  • Jeongbean Jeon - file write, SSRF, monitor auth bypass, stored XSS
  • wulonchia - file write via output_path (independent report)
  • by111 (August829) - hardcoded JWT, eval in /config/dump, /execute_js, hook sandbox escape
  • secsys_codex - SSRF via /md, /crawl, /llm endpoints + IPv6-mapped IPv4 bypass (URL destination validation)
  • Velayutham Selvaraj (LinkedIn) - SSRF via missing host validation in validate_url_scheme (independent report)
  • IcySun & Yashon - SSRF, arbitrary file write, missing-auth-by-default, hook sandbox bypass via asyncio (independent report)
Show details on source website

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 0.8.6"
      },
      "package": {
        "ecosystem": "PyPI",
        "name": "crawl4ai"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.8.7"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-56266"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-22",
      "CWE-306",
      "CWE-79",
      "CWE-798",
      "CWE-918",
      "CWE-94"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-06-16T20:13:30Z",
    "nvd_published_at": "2026-06-22T22:16:50Z",
    "severity": "CRITICAL"
  },
  "details": "### Summary\n\nMultiple security vulnerabilities in the Crawl4AI Docker API server affecting endpoints for crawling, markdown/LLM extraction, screenshots, PDFs, webhooks, monitoring, JavaScript execution, and configuration.\n\n### Vulnerabilities\n\n#### 1. Arbitrary File Write via /screenshot and /pdf (CWE-22, CVSS 9.1)\n\nThe `output_path` parameter accepts arbitrary filesystem paths with no validation. An attacker can overwrite server files (DoS) or write to any appuser-writable location.\n\n**Fix:** Added `validate_output_path()` restricting writes to `CRAWL4AI_OUTPUT_DIR` (/tmp/crawl4ai-outputs by default). Added Pydantic `field_validator` rejecting `..` traversal sequences.\n\n#### 2. SSRF via Webhook URL (CWE-918, CVSS 8.6)\n\nWebhook URLs in `/crawl/job` and `/llm/job` accept internal/private IPs with no validation, enabling Server-Side Request Forgery against cloud metadata endpoints (169.254.169.254), internal services, and Docker networks.\n\n**Fix:** Added `validate_webhook_url()` with blocklist for RFC 1918, loopback, link-local, cloud metadata IPs and hostnames. Validation at both job submission and send time. Explicit `follow_redirects=False`.\n\n#### 3. Authentication Bypass on Monitor Endpoints (CWE-306, CVSS 6.5)\n\nThe monitor router was mounted without `token_dep` dependency, making all monitoring endpoints (including destructive ones like `/monitor/actions/cleanup`) accessible without authentication.\n\n**Fix:** Added `dependencies=[Depends(token_dep)]` to monitor router. Added explicit token check on WebSocket `/monitor/ws` endpoint.\n\n#### 4. Stored XSS in Monitor Dashboard (CWE-79, CVSS 6.1)\n\nURLs and error messages rendered in the monitor dashboard via `innerHTML` without escaping, enabling stored XSS via crafted crawl URLs.\n\n**Fix:** Server-side `html.escape()` on URL and error storage. Client-side `escapeHtml()` wrapper on all `innerHTML` template injections.\n\n#### 5. Arbitrary JavaScript Execution via /execute_js (CWE-94, CVSS 8.1)\n\nThe `/execute_js` endpoint accepts and executes arbitrary JavaScript in the server\u0027s browser with `--disable-web-security` enabled, combining arbitrary JS execution with SSRF capability.\n\n**Fix:** Disabled by default via `CRAWL4AI_EXECUTE_JS_ENABLED` env var. Added SSRF blocklist on destination URL. Removed `--disable-web-security` from default browser args.\n\n#### 6. Hardcoded JWT Secret Key (CWE-798, CVSS 9.8)\n\nThe JWT signing key defaults to `\"mysecret\"` in the public source code, allowing anyone to forge valid authentication tokens.\n\n**Fix:** Removed default value. Added startup validation rejecting weak/short secrets. Auto-generates ephemeral key when JWT enabled but no key set.\n\n#### 7. SSRF via Direct Crawl Endpoints /crawl, /md, /llm (CWE-918, CVSS 8.6)\n\nThe primary crawl entry points (`/crawl`, `/crawl/stream`, `/md`, `/llm`) fetch arbitrary user-supplied URLs with no destination validation, enabling Server-Side Request Forgery against internal services, Docker networks, and cloud metadata endpoints (169.254.169.254). A blocklist that only inspects the literal hostname is additionally bypassable via IPv6-mapped IPv4 addresses (e.g. `[::ffff:169.254.169.254]`, `[::ffff:10.0.0.1]`), which resolve to the blocked private/metadata ranges but evade a naive string check.\n\n**Fix:** Added URL destination validation on all crawl/md/llm entry points, reusing the SSRF blocklist (RFC 1918, loopback, link-local, cloud-metadata IPs and hostnames). IPv6-mapped IPv4 addresses are normalized to their IPv4 form before the blocklist check, closing the mapping bypass. `raw://` URLs are skipped. Validation applies at request entry, not only at fetch time.\n\n### Workarounds\n\n1. Upgrade to the patched version (recommended)\n2. Set `CRAWL4AI_API_TOKEN` to enable authentication\n3. Set a strong `SECRET_KEY` (min 32 chars) if using JWT\n4. Restrict network access to the Docker API\n\n### Credits\n\n- Jeongbean Jeon - file write, SSRF, monitor auth bypass, stored XSS\n- wulonchia - file write via output_path (independent report)\n- by111 ([August829](https://github.com/August829)) - hardcoded JWT, eval in /config/dump, /execute_js, hook sandbox escape\n- secsys_codex - SSRF via /md, /crawl, /llm endpoints + IPv6-mapped IPv4 bypass (URL destination validation)\n- Velayutham Selvaraj ([LinkedIn](https://www.linkedin.com/in/velayuthamselvaraj)) - SSRF via missing host validation in validate_url_scheme (independent report)\n- IcySun \u0026 Yashon - SSRF, arbitrary file write, missing-auth-by-default, hook sandbox bypass via asyncio (independent report)",
  "id": "GHSA-365w-hqf6-vxfg",
  "modified": "2026-06-24T13:05:44Z",
  "published": "2026-06-16T20:13:30Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/unclecode/crawl4ai/security/advisories/GHSA-365w-hqf6-vxfg"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-56266"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/unclecode/crawl4ai"
    },
    {
      "type": "WEB",
      "url": "https://www.vulncheck.com/advisories/crawl4ai-server-side-request-forgery-via-direct-crawl-endpoints"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ],
  "summary": "Crawl4AI: Multiple Docker API Vulnerabilities - File Write, SSRF, Auth Bypass, XSS, JS Execution"
}

GHSA-368X-G6J7-2G8Q

Vulnerability from github – Published: 2022-05-17 00:45 – Updated: 2022-05-17 00:45
VLAI
Details

Directory traversal vulnerability in index.php in OTManager CMS 24a allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the conteudo parameter. NOTE: in some environments, this can be leveraged for remote file inclusion by using a UNC share pathname or an ftp, ftps, or ssh2.sftp URL.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2008-5201"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-22"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2008-11-21T17:30:00Z",
    "severity": "HIGH"
  },
  "details": "Directory traversal vulnerability in index.php in OTManager CMS 24a allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the conteudo parameter.  NOTE: in some environments, this can be leveraged for remote file inclusion by using a UNC share pathname or an ftp, ftps, or ssh2.sftp URL.",
  "id": "GHSA-368x-g6j7-2g8q",
  "modified": "2022-05-17T00:45:03Z",
  "published": "2022-05-17T00:45:03Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-5201"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43459"
    },
    {
      "type": "WEB",
      "url": "https://www.exploit-db.com/exploits/5957"
    },
    {
      "type": "WEB",
      "url": "http://securityreason.com/securityalert/4644"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/29992"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-3698-CX82-84GV

Vulnerability from github – Published: 2025-04-10 09:30 – Updated: 2026-04-01 18:34
VLAI
Details

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in totalprocessing Total processing card payments for WooCommerce allows Path Traversal. This issue affects Total processing card payments for WooCommerce: from n/a through 7.1.5.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-32209"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-22"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-04-10T08:15:17Z",
    "severity": "MODERATE"
  },
  "details": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027) vulnerability in totalprocessing Total processing card payments for WooCommerce allows Path Traversal. This issue affects Total processing card payments for WooCommerce: from n/a through 7.1.5.",
  "id": "GHSA-3698-cx82-84gv",
  "modified": "2026-04-01T18:34:38Z",
  "published": "2025-04-10T09:30:25Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-32209"
    },
    {
      "type": "WEB",
      "url": "https://patchstack.com/database/wordpress/plugin/totalprocessing-card-payments/vulnerability/wordpress-total-processing-card-payments-for-woocommerce-plugin-7-1-3-arbitrary-file-download-vulnerability?_s_id=cve"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-36CG-HVM7-MHWP

Vulnerability from github – Published: 2022-08-16 00:00 – Updated: 2022-08-17 00:00
VLAI
Details

Directory traversal vulnerability in wkhtmltopdf through 0.12.5 allows remote attackers to read local files and disclose sensitive information via a crafted html file running with the default configurations.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-21365"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-22"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-08-15T20:15:00Z",
    "severity": "HIGH"
  },
  "details": "Directory traversal vulnerability in wkhtmltopdf through 0.12.5 allows remote attackers to read local files and disclose sensitive information via a crafted html file running with the default configurations.",
  "id": "GHSA-36cg-hvm7-mhwp",
  "modified": "2022-08-17T00:00:23Z",
  "published": "2022-08-16T00:00:22Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-21365"
    },
    {
      "type": "WEB",
      "url": "https://github.com/wkhtmltopdf/wkhtmltopdf/issues/4536"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00027.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-36FH-84J7-CV5H

Vulnerability from github – Published: 2023-01-29 06:30 – Updated: 2024-11-18 16:26
VLAI
Summary
JSZip contains Path Traversal via loadAsync
Details

loadAsync in JSZip before 3.8.0 allows Directory Traversal via a crafted ZIP archive.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "jszip"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "3.8.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2022-48285"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-22"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2023-02-01T18:08:04Z",
    "nvd_published_at": "2023-01-29T05:15:00Z",
    "severity": "MODERATE"
  },
  "details": "loadAsync in JSZip before 3.8.0 allows Directory Traversal via a crafted ZIP archive.",
  "id": "GHSA-36fh-84j7-cv5h",
  "modified": "2024-11-18T16:26:28Z",
  "published": "2023-01-29T06:30:52Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-48285"
    },
    {
      "type": "WEB",
      "url": "https://github.com/Stuk/jszip/commit/2edab366119c9ee948357c02f1206c28566cdf15"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/244499"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/Stuk/jszip"
    },
    {
      "type": "WEB",
      "url": "https://github.com/Stuk/jszip/compare/v3.7.1...v3.8.0"
    },
    {
      "type": "WEB",
      "url": "https://security.netapp.com/advisory/ntap-20240621-0005"
    },
    {
      "type": "WEB",
      "url": "https://www.mend.io/vulnerability-database/WS-2023-0004"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "JSZip contains Path Traversal via loadAsync"
}

GHSA-36GM-66FP-PRV4

Vulnerability from github – Published: 2024-05-17 09:31 – Updated: 2024-05-17 09:31
VLAI
Details

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in spoonthemes Adifier System allows PHP Local File Inclusion.This issue affects Adifier System: from n/a before 3.1.4.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-49753"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-22"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-05-17T09:15:14Z",
    "severity": "HIGH"
  },
  "details": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027) vulnerability in spoonthemes Adifier System allows PHP Local File Inclusion.This issue affects Adifier System: from n/a before 3.1.4.",
  "id": "GHSA-36gm-66fp-prv4",
  "modified": "2024-05-17T09:31:01Z",
  "published": "2024-05-17T09:31:01Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-49753"
    },
    {
      "type": "WEB",
      "url": "https://patchstack.com/database/vulnerability/adifier-system/wordpress-adifier-classified-ads-wordpress-theme-theme-3-9-3-local-file-inclusion-vulnerability?_s_id=cve"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation MIT-5.1
Implementation

Strategy: Input Validation

  • Assume all input is malicious. Use an "accept known good" input validation strategy, i.e., use a list of acceptable inputs that strictly conform to specifications. Reject any input that does not strictly conform to specifications, or transform it into something that does.
  • When performing input validation, consider all potentially relevant properties, including length, type of input, the full range of acceptable values, missing or extra inputs, syntax, consistency across related fields, and conformance to business rules. As an example of business rule logic, "boat" may be syntactically valid because it only contains alphanumeric characters, but it is not valid if the input is only expected to contain colors such as "red" or "blue."
  • Do not rely exclusively on looking for malicious or malformed inputs. This is likely to miss at least one undesirable input, especially if the code's environment changes. This can give attackers enough room to bypass the intended validation. However, denylists can be useful for detecting potential attacks or determining which inputs are so malformed that they should be rejected outright.
  • When validating filenames, use stringent allowlists that limit the character set to be used. If feasible, only allow a single "." character in the filename to avoid weaknesses such as CWE-23, and exclude directory separators such as "/" to avoid CWE-36. Use a list of allowable file extensions, which will help to avoid CWE-434.
  • Do not rely exclusively on a filtering mechanism that removes potentially dangerous characters. This is equivalent to a denylist, which may be incomplete (CWE-184). For example, filtering "/" is insufficient protection if the filesystem also supports the use of "\" as a directory separator. Another possible error could occur when the filtering is applied in a way that still produces dangerous data (CWE-182). For example, if "../" sequences are removed from the ".../...//" string in a sequential fashion, two instances of "../" would be removed from the original string, but the remaining characters would still form the "../" string.
Mitigation MIT-15
Architecture and Design

For any security checks that are performed on the client side, ensure that these checks are duplicated on the server side, in order to avoid CWE-602. Attackers can bypass the client-side checks by modifying values after the checks have been performed, or by changing the client to remove the client-side checks entirely. Then, these modified values would be submitted to the server.

Mitigation MIT-20.1
Implementation

Strategy: Input Validation

  • Inputs should be decoded and canonicalized to the application's current internal representation before being validated (CWE-180). Make sure that the application does not decode the same input twice (CWE-174). Such errors could be used to bypass allowlist validation schemes by introducing dangerous inputs after they have been checked.
  • Use a built-in path canonicalization function (such as realpath() in C) that produces the canonical version of the pathname, which effectively removes ".." sequences and symbolic links (CWE-23, CWE-59). This includes:
  • realpath() in C
  • getCanonicalPath() in Java
  • GetFullPath() in ASP.NET
  • realpath() or abs_path() in Perl
  • realpath() in PHP
Mitigation MIT-4
Architecture and Design

Strategy: Libraries or Frameworks

Use a vetted library or framework that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid [REF-1482].

Mitigation MIT-29
Operation

Strategy: Firewall

Use an application firewall that can detect attacks against this weakness. It can be beneficial in cases in which the code cannot be fixed (because it is controlled by a third party), as an emergency prevention measure while more comprehensive software assurance measures are applied, or to provide defense in depth [REF-1481].

Mitigation MIT-17
Architecture and Design Operation

Strategy: Environment Hardening

Run your code using the lowest privileges that are required to accomplish the necessary tasks [REF-76]. If possible, create isolated accounts with limited privileges that are only used for a single task. That way, a successful attack will not immediately give the attacker access to the rest of the software or its environment. For example, database applications rarely need to run as the database administrator, especially in day-to-day operations.

Mitigation MIT-21.1
Architecture and Design

Strategy: Enforcement by Conversion

  • When the set of acceptable objects, such as filenames or URLs, is limited or known, create a mapping from a set of fixed input values (such as numeric IDs) to the actual filenames or URLs, and reject all other inputs.
  • For example, ID 1 could map to "inbox.txt" and ID 2 could map to "profile.txt". Features such as the ESAPI AccessReferenceMap [REF-185] provide this capability.
Mitigation MIT-22
Architecture and Design Operation

Strategy: Sandbox or Jail

  • Run the code in a "jail" or similar sandbox environment that enforces strict boundaries between the process and the operating system. This may effectively restrict which files can be accessed in a particular directory or which commands can be executed by the software.
  • OS-level examples include the Unix chroot jail, AppArmor, and SELinux. In general, managed code may provide some protection. For example, java.io.FilePermission in the Java SecurityManager allows the software to specify restrictions on file operations.
  • This may not be a feasible solution, and it only limits the impact to the operating system; the rest of the application may still be subject to compromise.
  • Be careful to avoid CWE-243 and other weaknesses related to jails.
Mitigation MIT-34
Architecture and Design Operation

Strategy: Attack Surface Reduction

  • Store library, include, and utility files outside of the web document root, if possible. Otherwise, store them in a separate directory and use the web server's access control capabilities to prevent attackers from directly requesting them. One common practice is to define a fixed constant in each calling program, then check for the existence of the constant in the library/include file; if the constant does not exist, then the file was directly requested, and it can exit immediately.
  • This significantly reduces the chance of an attacker being able to bypass any protection mechanisms that are in the base program but not in the include files. It will also reduce the attack surface.
Mitigation MIT-39
Implementation
  • Ensure that error messages only contain minimal details that are useful to the intended audience and no one else. The messages need to strike the balance between being too cryptic (which can confuse users) or being too detailed (which may reveal more than intended). The messages should not reveal the methods that were used to determine the error. Attackers can use detailed information to refine or optimize their original attack, thereby increasing their chances of success.
  • If errors must be captured in some detail, record them in log messages, but consider what could occur if the log messages can be viewed by attackers. Highly sensitive information such as passwords should never be saved to log files.
  • Avoid inconsistent messaging that might accidentally tip off an attacker about internal state, such as whether a user account exists or not.
  • In the context of path traversal, error messages which disclose path information can help attackers craft the appropriate attack strings to move through the file system hierarchy.
Mitigation MIT-16
Operation Implementation

Strategy: Environment Hardening

When using PHP, configure the application so that it does not use register_globals. During implementation, develop the application so that it does not rely on this feature, but be wary of implementing a register_globals emulation that is subject to weaknesses such as CWE-95, CWE-621, and similar issues.

CAPEC-126: Path Traversal

An adversary uses path manipulation methods to exploit insufficient input validation of a target to obtain access to data that should be not be retrievable by ordinary well-formed requests. A typical variety of this attack involves specifying a path to a desired file together with dot-dot-slash characters, resulting in the file access API or function traversing out of the intended directory structure and into the root file system. By replacing or modifying the expected path information the access function or API retrieves the file desired by the attacker. These attacks either involve the attacker providing a complete path to a targeted file or using control characters (e.g. path separators (/ or \) and/or dots (.)) to reach desired directories or files.

CAPEC-64: Using Slashes and URL Encoding Combined to Bypass Validation Logic

This attack targets the encoding of the URL combined with the encoding of the slash characters. An attacker can take advantage of the multiple ways of encoding a URL and abuse the interpretation of the URL. A URL may contain special character that need special syntax handling in order to be interpreted. Special characters are represented using a percentage character followed by two digits representing the octet code of the original character (%HEX-CODE). For instance US-ASCII space character would be represented with %20. This is often referred as escaped ending or percent-encoding. Since the server decodes the URL from the requests, it may restrict the access to some URL paths by validating and filtering out the URL requests it received. An attacker will try to craft an URL with a sequence of special characters which once interpreted by the server will be equivalent to a forbidden URL. It can be difficult to protect against this attack since the URL can contain other format of encoding such as UTF-8 encoding, Unicode-encoding, etc.

CAPEC-76: Manipulating Web Input to File System Calls

An attacker manipulates inputs to the target software which the target software passes to file system calls in the OS. The goal is to gain access to, and perhaps modify, areas of the file system that the target software did not intend to be accessible.

CAPEC-78: Using Escaped Slashes in Alternate Encoding

This attack targets the use of the backslash in alternate encoding. An adversary can provide a backslash as a leading character and causes a parser to believe that the next character is special. This is called an escape. By using that trick, the adversary tries to exploit alternate ways to encode the same character which leads to filter problems and opens avenues to attack.

CAPEC-79: Using Slashes in Alternate Encoding

This attack targets the encoding of the Slash characters. An adversary would try to exploit common filtering problems related to the use of the slashes characters to gain access to resources on the target host. Directory-driven systems, such as file systems and databases, typically use the slash character to indicate traversal between directories or other container components. For murky historical reasons, PCs (and, as a result, Microsoft OSs) choose to use a backslash, whereas the UNIX world typically makes use of the forward slash. The schizophrenic result is that many MS-based systems are required to understand both forms of the slash. This gives the adversary many opportunities to discover and abuse a number of common filtering problems. The goal of this pattern is to discover server software that only applies filters to one version, but not the other.