A directory traversal (path traversal) consists in exploiting lacking security validation/sanitization of user provided input file names so that characters representing “traverse to origin directory” are passed through to the file APIs.
Many sorts of functionality need a web application to read from or write to a filesystem on the basis of parameters provided within user requests. If these processes are carried out in an insecure manner, an attacker can submit crafted input that causes the application to access files that the application designer did not intend it to access.
Known as path traversal vulnerabilities, such defects may enable the attacker to read sensitive data including passwords and application logs or to overwrite security-critical items such as configuration files and software binaries. In the most serious cases, the vulnerability may allow an attacker to completely compromise both the application and the underlying operating system.
Directory traversal vulnerabilities are sometimes hard to detect, and many web applications implement defenses against them that may be vulnerable to bypasses. A hacker takes advantage of this vulnerability to step out of the root directory and access other parts of the file system. The vulnerability may provide the attacker with the capability to view restricted files, or allowing the attacker to execute system commands on the web server which can lead to a full hack of the system.
The most effective way to prevent this vulnerability is to filter users inputs and filter metacharacters from the user input.
