Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
Arbitrary local file read via file upload - Vulnerability Database

Arbitrary local file read via file upload

Description

Invicti uploaded a ZIP file containing a symlink to /etc/passwd. It looks like that web application processed this file and returned the contents of /etc/passwd in response.

Remediation

The web application should filter symlinks included inside ZIP files.

References

Reading local files from Facebook's server

Related Vulnerabilities

Dragonfly Arbitrary File Read/Write (CVE-2021-33564) High
Common tags: Unauthenticated File Upload Information Disclosure
Trace.axd Detected High
Common tags: Information Disclosure
WordPress Plugin iThemes Security (formerly Better WP Security) Information Disclosure (5.1.1) High
Common tags: Information Disclosure
WordPress Plugin WordPress Infinite Scroll-Ajax Load More Arbitrary File Upload (2.8.1.1) High
Common tags: Unauthenticated File Upload
WordPress Plugin MetaSlider Information Disclosure (3.3.1) High
Common tags: Information Disclosure

Severity

High

Classification

CWE-200
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Tags

Unauthenticated File Upload
Information Disclosure