Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-27 (路径遍历:’dir/../../filename’) — Vulnerability Class 18

18 vulnerabilities classified as CWE-27 (路径遍历:’dir/../../filename’). AI Chinese analysis included.

CWE-27 represents a critical input validation weakness where software fails to properly sanitize external inputs used to construct file paths. Attackers typically exploit this vulnerability by injecting sequences like “../” into user-supplied parameters, tricking the application into resolving references outside the intended restricted directory. This allows unauthorized access to sensitive system files, configuration data, or other resources that should remain hidden. To mitigate this risk, developers must implement robust input validation techniques, such as strict allow-listing of permitted characters and rejecting any path components containing traversal sequences. Additionally, using canonicalization functions to normalize paths before validation ensures that obfuscated attempts are detected. Restricting file system access through chroot jails or containerization further limits the blast radius, ensuring that even if traversal occurs, the attacker cannot escape the designated secure boundary.

MITRE CWE Description
The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize multiple internal "../" sequences that can resolve to a location that is outside of that directory. This allows attackers to traverse the file system to access files or directories that are outside of the restricted directory. The 'directory/../../filename' manipulation is useful for bypassing some path traversal protection schemes. Sometimes a program only removes one "../" sequence, so multiple "../" can bypass that check. Alternately, this manipulation could be used to bypass a check for "../" at the beginning of the pathname, moving up more than one directory level.
Common Consequences (1)
Confidentiality, IntegrityRead Files or Directories, Modify Files or Directories
Mitigations (2)
ImplementationAssume all input is malicious. Use an "accept known good" input validation strategy, i.e., use a list of acceptable inputs that strictly conform to specifications. Reject any input that does not strictly conform to specifications, or transform it into something that does. When performing input validation, consider all potentially relevant properties, including length, type of input, the full range…
ImplementationInputs should be decoded and canonicalized to the application's current internal representation before being validated (CWE-180). Make sure that the application does not decode the same input twice (CWE-174). Such errors could be used to bypass allowlist validation schemes by introducing dangerous inputs after they have been checked.
CVE IDTitleCVSSSeverityPublished
CVE-2026-20018 Cisco Firepower Management Center Software and Firepower Threat Defense Path Traversal Vulnerability — Cisco Secure Firewall Management Center (FMC) 5.9 Medium2026-03-04
CVE-2025-66518 Apache Kyuubi: Unauthorized directory access due to missing path normalization — Apache Kyuubi 8.1 -2026-01-05
CVE-2025-58292 Huawei HarmonyOS 安全漏洞 — HarmonyOS 3.3 Low2025-10-11
CVE-2025-10438 Path Traversal in Yordam BT's Yordam Katalog — Yordam Katalog 8.6 High2025-09-25
CVE-2025-58761 Tautulli vulnerable to Unauthenticated Path Traversal in `real_pms_image_proxy` — Tautulli 8.6 High2025-09-09
CVE-2024-43658 Using the <redacted> action or <redacted>.sh script, arbitrary files and directories can be deleted using directory traversal. — Iocharger firmware for AC models 8.1 -2025-01-09
CVE-2023-20090 Cisco TelePresence Collaboration Endpoint and RoomOS Software Privilege Escalation Vulnerability — Cisco RoomOS Software 6.7 Medium2024-11-15
CVE-2024-7458 elunez eladmin Database Management/Deployment Management upload path traversal — eladmin 5.5 Medium2024-08-04
CVE-2024-24809 Traccar vulnerable to Path Traversal: 'dir/../../filename' and Unrestricted Upload of File with Dangerous Type — traccar 8.5 High2024-04-10
CVE-2024-20348 Cisco Nexus Dashboard 安全漏洞 — Cisco Data Center Network Manager 7.5 High2024-04-03
CVE-2023-50254 Deepin Reader RCE vulnerability due to a design flaw — developer-center 9.3 Critical2023-12-22
CVE-2023-34125 SonicWall GMS and Analytics 路径遍历漏洞 — GMS 6.5 -2023-07-13
CVE-2023-20131 Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager Vulnerabilities — Cisco Prime Infrastructure 6.5 Medium2023-04-05
CVE-2023-20130 Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager Vulnerabilities — Cisco Prime Infrastructure 6.5 Medium2023-04-05
CVE-2023-20129 Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager Vulnerabilities — Cisco Prime Infrastructure 6.5 Medium2023-04-05
CVE-2023-20127 Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager Vulnerabilities — Cisco Prime Infrastructure 6.5 Medium2023-04-05
CVE-2023-27588 Unauthenticated path traversal vulnerability in Hasura GraphQL Engine — graphql-engine 7.5 High2023-03-14
CVE-2021-35027 Zyxel VPN2S 路径遍历漏洞 — ZyWALL VPN2S Firmware 7.5 High2021-09-29

Vulnerabilities classified as CWE-27 (路径遍历:’dir/../../filename’) represent 18 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.