
CWE-35 Path Traversal: '.../...//' vulnerability list (161)

A summary of the 161 CVEs associated with the CWE-35 Path Traversal: '.../...//' weakness, with AI-generated analysis in Chinese.

CWE-35 is a path traversal weakness: a program builds a file path that should stay inside a restricted directory from external input, but fails to neutralize doubled dot-slash sequences such as '.../...//'. An attacker exploits this by crafting path strings that survive the sanitizer and still resolve outside the intended directory, allowing sensitive files to be read or modified. Developers should avoid concatenating user input directly into paths, strictly canonicalize the path, validate it against an allowlist, and confirm that the final resolved path always lies within the expected directory.

MITRE CWE official description
CWE: CWE-35 Path Traversal: '.../...//'. English: The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize '.../...//' (doubled triple dot slash) sequences that can resolve to a location that is outside of that directory.
Common consequences (1)
Scope: Confidentiality, Integrity. Impact: Read Files or Directories, Modify Files or Directories, Bypass Protection Mechanism.
Not properly neutralizing '.../...//' (doubled triple dot slash) allows attackers to traverse the file system to access files or directories that are outside of the restricted directory.
Mitigations (2)
Phase: Implementation. Assume all input is malicious. Use an "accept known good" input validation strategy, i.e., use a list of acceptable inputs that strictly conform to specifications. Reject any input that does not strictly conform to specifications, or transform it into something that does. When performing input validation, consider all potentially relevant properties, including length, type of input, the full range…
Effectiveness: High
Phase: Implementation. Inputs should be decoded and canonicalized to the application's current internal representation before being validated (CWE-180). Make sure that the application does not decode the same input twice (CWE-174). Such errors could be used to bypass allowlist validation schemes by introducing dangerous inputs after they have been checked.
Demonstrative example (1)
Suppose the product serves files from a specific "public" directory -- /home/product/public/ -- and has an algorithm that attempts to protect against common path traversal attacks. The algorithm works by sequentially scanning through a requested filename, removing each occurrence of "../" that it encounters, and then appending the filename to the public directory.

| Attack | Result |
|---|---|
| ../secret.dat | /home/product/public/secret.dat |
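The single-pass "../" stripping filter described in the example above, placed beside a version that follows the two mitigations listed earlier (decode once, validate each component against an allowlist, canonicalize, then confirm the resolved path is still under the root). This is an added Python example, not code from the CWE entry or from this site. PUBLIC_DIR is the directory named in the example; the component allowlist regex, the function names and the sample requests are assumptions made for the illustration.

```python
import posixpath
import re
from urllib.parse import unquote

# Directory from the CWE-35 demonstrative example.
PUBLIC_DIR = "/home/product/public"

# Assumed allowlist for one path component: must start with a letter, digit,
# '_' or '-', then only those characters plus '.'. This rejects '', '.', '..',
# '...' and anything that is still percent-encoded after the single decode.
COMPONENT_RE = re.compile(r"^[A-Za-z0-9_-][A-Za-z0-9._-]*$")


def naive_strip_dotdot(requested: str) -> str:
    """The flawed filter from the CWE-35 example.

    One left-to-right pass deletes every '../' it meets and the remainder is
    appended to the public directory. Because the deletion is not repeated,
    removing '../' from '.../...//' leaves a fresh '../' behind.
    """
    cleaned = requested.replace("../", "")  # str.replace is a single pass
    # normpath shows the path the operating system will actually open.
    return posixpath.normpath(posixpath.join(PUBLIC_DIR, cleaned))


def canonical_path(requested: str):
    """Hardened lookup following the CWE-35 mitigations.

    Decode exactly once (CWE-174), validate every component against the
    allowlist (CWE-180), canonicalize, and finally check that the resolved
    path still lies under PUBLIC_DIR. Returns the absolute path or None.
    """
    decoded = unquote(requested)           # single decode, never repeated
    if "\x00" in decoded:                  # a NUL byte would truncate the path in C APIs
        return None
    parts = decoded.split("/")             # a leading '/' yields '' and is rejected
    if any(not COMPONENT_RE.fullmatch(p) for p in parts):
        return None                        # '.', '..', '...', '%2e..' all fail here
    resolved = posixpath.normpath(posixpath.join(PUBLIC_DIR, decoded))
    # Defence in depth: even if the allowlist were loosened later, the
    # resolved path must be the root itself or sit below root + '/'.
    if resolved != PUBLIC_DIR and not resolved.startswith(PUBLIC_DIR + "/"):
        return None
    return resolved


if __name__ == "__main__":
    # Constructed sample requests for the demonstration (not from the CVE list).
    samples = ["../secret.dat", ".../...//secret.dat", "%2e%2e/secret.dat",
               "/etc/passwd", "docs/readme.txt"]
    for req in samples:
        print(f"{req!r:24} naive -> {naive_strip_dotdot(req):40} "
              f"hardened -> {canonical_path(req)}")
```

Running the block shows that the naive filter turns ".../...//secret.dat" into /home/product/secret.dat, one level above the public directory, while the same request never reaches the filesystem in the hardened version. posixpath.normpath is a pure string operation and does not follow symlinks; in a real deployment, apply os.path.realpath after the allowlist check so that a symlink inside the public directory cannot point outside it.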
| CVE ID | Title | Product | CVSS | Risk level | Published |
|---|---|---|---|---|---|
| CVE-2022-48476 | JetBrains Ktor framework path traversal vulnerability | Ktor | 7.5 | High | 2023-04-24 |
| CVE-2022-3693 | FileOrbis File Management System path traversal vulnerability | FileOrbis File Management System | 7.5 | High | 2023-01-13 |
| CVE-2022-36928 | Zoom Client path traversal vulnerability | Zoom for Android | 6.1 | Medium | 2023-01-09 |
| CVE-2022-46826 | JetBrains IntelliJ IDEA path traversal vulnerability | IntelliJ IDEA | 6.2 | Medium | 2022-12-08 |
| CVE-2022-2265 | Directory Management System path traversal vulnerability | Çekino Bilgi Teknolojileri | 7.5 | High | 2022-09-21 |
| CVE-2021-1355 | Cisco Unified Communications Manager SQL injection vulnerability | Cisco Unified Communications Manager | 6.5 | Medium | 2021-01-20 |
| CVE-2021-1357 | Cisco Unified Communications Manager IM & Presence Service path traversal vulnerability | Cisco Unified Communications Manager | 6.5 | Medium | 2021-01-20 |
| CVE-2021-1364 | Cisco Unified Communications Manager SQL injection vulnerability | Cisco Unified Communications Manager | 6.5 | Medium | 2021-01-20 |
| CVE-2021-1282 | Cisco Unified Communications Manager SQL injection vulnerability | Cisco Unified Communications Manager | 6.5 | Medium | 2021-01-20 |
| CVE-2020-27130 | Cisco Security Manager security vulnerability | Cisco Security Manager | 9.1 | Critical | 2020-11-17 |
| CVE-2018-3744 | html-pages Node module path traversal vulnerability | html-pages node module | 9.1 | - | 2018-05-29 |

CWE-35 (Path Traversal: '.../...//') is a common weakness category; this platform lists 161 CVEs associated with it.