What is path traversal?
Answer
A path traversal attack (directory traversal) allows attackers to access files and directories outside the intended directory by manipulating file path references using ../ sequences.

Example: an application serves files with /download?file=report.pdf. An attacker requests /download?file=../../../etc/passwd, and if the app constructs the path as /app/files/../../../etc/passwd, it resolves to /etc/passwd.

URL-encoding variants: %2e%2e%2f, and %252e%252e%252f (double encoding).

Prevention:
(1) Canonicalize the path and verify it starts with the expected base directory: path.resolve(baseDir, userInput), then check with .startsWith(baseDir).
(2) Whitelist valid filenames; don't use user input to construct file paths at all if possible.
(3) Store files outside the web root.
(4) Use an indirect reference map (ID → filename mapping; never expose real paths).
(5) Apply least privilege to file system access.