
CWE-35 (Path Traversal: '.../...//') — Vulnerability Class (149 CVEs)

149 vulnerabilities are classified as CWE-35 (Path Traversal: '.../...//'). AI-generated analysis (in Chinese) is included.

CWE-35 is a path traversal weakness in which software fails to neutralize the sequence '.../...//' in user-controlled input. The weakness typically arises from a filter that removes '../' in a single pass: stripping the two '../' occurrences embedded in '.../...//' leaves a fresh '../' behind, and the operating system or application framework then resolves the "sanitized" path, as it normally would, to a location outside the restricted directory. An adversary who controls such input can therefore read or modify files outside the intended directory, leading to unauthorized data disclosure or broader system compromise. Developers mitigate this risk with rigorous input validation that rejects or neutralizes every path traversal form, including this triple-dot variant, combined with canonicalizing paths before any comparison and enforcing a strict allow-list of permitted file names or extensions, so that external input cannot redirect file access to unintended system locations.

MITRE CWE Description
The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize '.../...//' (doubled triple dot slash) sequences that can resolve to a location that is outside of that directory.
Common Consequences (1)
Scope: Confidentiality, Integrity
Impact: Read Files or Directories, Modify Files or Directories, Bypass Protection Mechanism
Not properly neutralizing '.../...//' (doubled triple dot slash) allows attackers to traverse the file system to access files or directories that are outside of the restricted directory.
Mitigations (2)
Phase: Implementation. Assume all input is malicious. Use an "accept known good" input validation strategy, i.e., use a list of acceptable inputs that strictly conform to specifications. Reject any input that does not strictly conform to specifications, or transform it into something that does. When performing input validation, consider all potentially relevant properties, including length, type of input, the full range…
Effectiveness: High
Phase: Implementation. Inputs should be decoded and canonicalized to the application's current internal representation before being validated (CWE-180). Make sure that the application does not decode the same input twice (CWE-174). Such errors could be used to bypass allowlist validation schemes by introducing dangerous inputs after they have been checked.
Examples (1)
Suppose the product serves files from a specific "public" directory -- /home/product/public/ -- and has an algorithm that attempts to protect against common path traversal attacks. The algorithm works by sequentially scanning through a requested filename, removing each occurrence of "../" that it encounters, and then appending the filename to the public directory.

Attack        | Result
../secret.dat | /home/product/public/secret.dat
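The single-pass "../" filter from the example above, beside a lookup that follows the two mitigations (allow-list each segment, canonicalize, then confirm containment), as an added Python example that is not part of the original page or of MITRE's text; PUBLIC_DIR comes from the example, while the segment regex and the sample requests are assumptions.

```python
import posixpath
import re
from typing import Optional

PUBLIC_DIR = "/home/product/public"  # the example's public directory

# "Accept known good": a segment is word characters plus an optional extension.
# This deliberately rejects '.', '..', '...' and dot-prefixed (hidden) names.
SEGMENT_RE = re.compile(r"^[A-Za-z0-9_-]+(\.[A-Za-z0-9]+)?$")


def flawed_sanitize(requested: str) -> str:
    """The example's defective algorithm: one left-to-right pass that strips
    every '../' it meets, then appends what is left to the public directory."""
    stripped = requested.replace("../", "")  # single pass, no re-scan
    return PUBLIC_DIR + "/" + stripped


def flawed_resolves_to(requested: str) -> str:
    """Where the OS actually ends up after the flawed sanitizer ran:
    normpath collapses any '..' segment that survived the single pass."""
    return posixpath.normpath(flawed_sanitize(requested))


def safe_resolve(requested: str, base: str = PUBLIC_DIR) -> Optional[str]:
    """Hardened lookup: allow-list every segment, canonicalize, and confirm the
    result is still inside `base`. Returns None when the request is rejected."""
    if "\x00" in requested:
        return None
    segments = [s for s in requested.split("/") if s]  # drop empty segments ('//')
    if not segments or not all(SEGMENT_RE.match(s) for s in segments):
        return None
    candidate = posixpath.normpath(posixpath.join(base, *segments))
    # Containment check after canonicalization (defense in depth; no filesystem I/O).
    if candidate != base and not candidate.startswith(base + "/"):
        return None
    return candidate


if __name__ == "__main__":
    # Constructed sample requests: the example's row, the CWE-35 sequence, a benign file.
    for req in ["../secret.dat", ".../...//secret.dat", "docs/readme.txt"]:
        print(f"{req!r:24} flawed -> {flawed_resolves_to(req)}   safe -> {safe_resolve(req)}")
```

Running it shows the single pass turning '.../...//secret.dat' into '../secret.dat', which then resolves one level above the public directory, while the hardened function rejects both traversal requests and serves only the benign one.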
CVE ID | Title | Product | CVSS | Severity | Published
CVE-2024-56214 | WordPress UserPro plugin <= 5.1.9 - Local File Inclusion vulnerability | Userpro | 8.3 | High | 2024-12-31
CVE-2023-7263 | Huawei HarmonyOS AILife Solution security vulnerability | HarmonyOS AILife Solution 8.0 | 7.3 | High | 2024-12-28
CVE-2023-7300 | Huawei HarmonyOS AILife Solution security vulnerability | HarmonyOS AILife Solution 8.0 | 8.0 | High | 2024-12-26
CVE-2024-56049 | WordPress WPLMS plugin < 1.9.9.5.2 - Subscriber+ Arbitrary File Deletion vulnerability | WPLMS | 8.5 | High | 2024-12-18
CVE-2024-56055 | WordPress WPLMS plugin < 1.9.9.5.2 - Arbitrary Directory Deletion vulnerability | WPLMS | 8.5 | High | 2024-12-18
CVE-2024-54313 | WordPress FULL – Cliente plugin <= 3.1.25 - Local File Inclusion vulnerability | FULL Customer | 6.5 | Medium | 2024-12-13
CVE-2024-21575 | ComfyUI-Impact-Pack product security vulnerability | ComfyUI-Impact-Pack | 8.6 | High | 2024-12-12
CVE-2024-54216 | WordPress ARForms plugin <= 6.4.1 - Subscriber+ Arbitrary File Read vulnerability | ARForms | 7.7 | High | 2024-12-06
CVE-2024-52498 | WordPress SP Blog Designer plugin <= 1.0.0 - Local File Inclusion vulnerability | SP Blog Designer | 7.5 | High | 2024-11-28
CVE-2024-10857 | Product Input Fields for WooCommerce <= 1.9 - Authenticated (Contributor+) Arbitrary File Read | Product Input Fields for WooCommerce | 6.5 | Medium | 2024-11-26
CVE-2024-50054 | mySCADA myPRO Path Traversal | myPRO Manager | 7.5 | High | 2024-11-22
CVE-2024-52447 | WordPress Contact Page With Google Map plugin <= 1.6.1 - Arbitrary File Deletion vulnerability | Contact Page With Google Map | 8.6 | High | 2024-11-20
CVE-2024-52390 | WordPress CYAN Backup plugin <= 2.5.3 - Arbitrary File Download vulnerability | CYAN Backup | 4.9 | Medium | 2024-11-18
CVE-2020-26073 | Cisco SD-WAN vManage Directory Traversal Vulnerability | Cisco Catalyst SD-WAN Manager | 7.5 | High | 2024-11-18
CVE-2021-1132 | Cisco Network Services Orchestrator Path Traversal Vulnerability | Cisco Network Services Orchestrator | 5.3 | Medium | 2024-11-18
CVE-2024-41973 | WAGO: Remote Arbitrary File Write with Root Privileges in multiple Devices | CC100 0751-9x01 | 8.1 | High | 2024-11-18
CVE-2024-41972 | WAGO: Arbitrary File Overwrite Leading to Privileged File Read in Multiple Devices | CC100 0751-9x01 | 6.5 | Medium | 2024-11-18
CVE-2024-11136 | Arbitrary file removal via path traversal in TCL Camera | Camera | 9.1 (AI) | Critical (AI) | 2024-11-14
CVE-2024-51582 | WordPress WP Hotel Booking plugin <= 2.2.9 - Local File Inclusion vulnerability | WP Hotel Booking | 7.5 | High | 2024-11-04
CVE-2024-49770 | oak's path traversal allows transfer of hidden files within the served root directory | oak | 7.5 (AI) | High (AI) | 2024-11-01
CVE-2024-49258 | WordPress Limb Gallery plugin <= 1.5.7 - Arbitrary File Download vulnerability | WordPress Gallery Plugin – Limb Image Gallery | 6.5 | Medium | 2024-10-16
CVE-2024-45248 | Multi-DNC – CWE-35: Path Traversal: '.../...//' | Multi-DNC | 7.5 | High | 2024-10-06
CVE-2024-47324 | WordPress WP Timeline plugin <= 3.6.7 - Local File Inclusion vulnerability | WP Timeline – Vertical and Horizontal timeline plugin | 7.5 | High | 2024-10-05
CVE-2024-47171 | Agnai vulnerable to Relative Path Traversal in Image Upload | agnai | 4.3 | Medium | 2024-09-26
CVE-2024-47170 | Agnai File Disclosure Vulnerability: JSON via Path Traversal | agnai | 4.3 | Medium | 2024-09-26
CVE-2024-47169 | Agnai vulnerable to Remote Code Execution via JS Upload using Directory Traversal | agnai | 8.8 | High | 2024-09-26
CVE-2024-0067 | AXIS OS security vulnerability | AXIS OS | 4.3 | Medium | 2024-09-10
CVE-2024-7608 | Trellix multiple products security vulnerability | Trellix NX, EX, AX, FX, CMS and IVX | 5.9 | Medium | 2024-08-27
CVE-2024-45190 | Mage AI pipeline interaction request remote arbitrary file leak | | 6.5 | Medium | 2024-08-23
CVE-2024-0113 | NVIDIA multiple products security vulnerability | Mellanox OS | 7.5 | High | 2024-08-09

Vulnerabilities classified as CWE-35 (Path Traversal: '.../...//') account for 149 CVEs. The CWE taxonomy describes the weakness; review the individual CVEs for product-specific impact.