
CWE-73 External Control of File Name or Path: Vulnerability List (350)

Summary of the 350 CVE vulnerabilities associated with the CWE-73 (External Control of File Name or Path) weakness class, with AI-generated analysis.

CWE-73 belongs to the path traversal family of weaknesses: the application lets user input control the file name or path used in a filesystem operation. Attackers typically exploit this flaw by constructing a malicious path that reaches critical system files or sensitive data, reading or modifying them and so undermining the application's integrity. Developers should never concatenate user input directly into a path; instead, validate the input against an allow list, canonicalize the resulting path, strictly filter special characters, and confirm that the final path lies inside the intended directory, which blocks unauthorized access.

MITRE CWE Official Description
CWE-73: External Control of File Name or Path. The product allows user input to control or influence paths or file names that are used in filesystem operations. This could allow an attacker to access or modify system files or other files that are critical to the application. Path manipulation errors occur when the following two conditions are met: 1. An attacker can specify a path used in an operation on the filesystem. 2. By specifying the resource, the attacker gains a capability that would not otherwise be permitted. For example, the program may give the attacker the ability to overwrite the specified file or run with a configuration controlled by the attacker.
Common Consequences (3)
Scope: Integrity, Confidentiality. Impact: Read Files or Directories; Modify Files or Directories.
The application can operate on unexpected files. Confidentiality is violated when the targeted filename is not directly readable by the attacker.
Scope: Integrity, Confidentiality, Availability. Impact: Modify Files or Directories; Execute Unauthorized Code or Commands.
The application can operate on unexpected files. This may violate integrity if the filename is written to, or if the filename is for a program or other form of executable code.
Scope: Availability. Impact: DoS: Crash, Exit, or Restart; DoS: Resource Consumption (Other).
The application can operate on unexpected files. Availability can be violated if the attacker specifies an unexpected file that the application modifies. Availability can also be affected if the attacker specifies a filename for a large file, or points to a special device or a file that does not hav…
Mitigations (5)
Phase: Architecture and Design. When the set of filenames is limited or known, create a mapping from a set of fixed input values (such as numeric IDs) to the actual filenames, and reject all other inputs. For example, ID 1 could map to "inbox.txt" and ID 2 could map to "profile.txt". Features such as the ESAPI AccessReferenceMap provide this capability.
Phase: Architecture and Design, Operation. Run your code in a "jail" or similar sandbox environment that enforces strict boundaries between the process and the operating system. This may effectively restrict all access to files within a particular directory. Examples include the Unix chroot jail and AppArmor. In general, managed code may provide some protection. This may not be a feasible solution, and it only limits the impact to the oper…
Phase: Architecture and Design. For any security checks that are performed on the client side, ensure that these checks are duplicated on the server side, in order to avoid CWE-602. Attackers can bypass the client-side checks by modifying values after the checks have been performed, or by changing the client to remove the client-side checks entirely. Then, these modified values would be submitted to the server.
Phase: Implementation. Assume all input is malicious. Use an "accept known good" input validation strategy, i.e., use a list of acceptable inputs that strictly conform to specifications. Reject any input that does not strictly conform to specifications, or transform it into something that does. When performing input validation, consider all potentially relevant properties, including length, type of input, the full range…
Effectiveness: High
Phase: Implementation. Use a built-in path canonicalization function (such as realpath() in C) that produces the canonical version of the pathname, which effectively removes ".." sequences and symbolic links (CWE-23, CWE-59).
Code Examples (2)
The following code uses input from an HTTP request to create a file name. The programmer has not considered the possibility that an attacker could provide a file name such as "../../tomcat/conf/server.xml", which causes the application to delete one of its own configuration files (CWE-22).
Bad · Java
    String rName = request.getParameter("reportName");
    File rFile = new File("/usr/local/apfr/reports/" + rName);
    ...
    rFile.delete();
The following code uses input from a configuration file to determine which file to open and echo back to the user. If the program runs with privileges and malicious users can change the configuration file, they can use the program to read any file on the system that ends with the extension .txt.
Bad · Java
    fis = new FileInputStream(cfg.getProperty("sub") + ".txt");
    amt = fis.read(arr);
    out.println(arr);
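The following is an added example, not code from this page, from MITRE or from any of the listed products. It shows the two implementation-level mitigations above (a fixed ID-to-filename mapping, and realpath-style canonicalization followed by a containment check) applied to the report-deletion scenario of the first Java snippet. The REPORT_MAP entries, the temporary directory layout and the file contents are constructed for the demonstration; pathlib's resolve() stands in for realpath(), and the symlink case shows why canonicalization must happen before the containment test (CWE-59).

```python
import tempfile
from pathlib import Path

# Constructed mapping from opaque numeric IDs to report file names, as the
# "Architecture and Design" mitigation recommends. Hypothetical names;
# anything not in this dict is rejected outright.
REPORT_MAP = {
    1: "inbox.txt",
    2: "profile.txt",
}


def resolve_by_id(base_dir, report_id: int) -> Path:
    """Indirect reference: the client never supplies a file name at all."""
    try:
        name = REPORT_MAP[report_id]
    except KeyError:
        raise ValueError(f"unknown report id: {report_id!r}") from None
    return Path(base_dir) / name


def resolve_under_base(base_dir: str, user_name: str) -> Path:
    """Canonicalize, then require the result to stay inside base_dir.

    '..' segments and symlinks are resolved before the check, so a link
    inside base_dir that points outside it is rejected as well.
    """
    base = Path(base_dir).resolve(strict=True)
    # Joining an absolute user path discards base_dir entirely
    # (Path("/a") / "/etc/x" == Path("/etc/x")), so refuse it up front.
    if Path(user_name).is_absolute():
        raise ValueError("absolute paths are not allowed")
    candidate = (base / user_name).resolve()
    # Containment on the canonical form: base itself or a descendant of it.
    if candidate != base and base not in candidate.parents:
        raise ValueError(f"path escapes report directory: {user_name!r}")
    return candidate


def safe_delete_report(base_dir: str, user_name: str) -> bool:
    """Hardened counterpart of the Java delete example: deletes only a
    regular file whose canonical path lies inside base_dir."""
    target = resolve_under_base(base_dir, user_name)
    if not target.is_file():
        return False
    target.unlink()
    return True


def rejected(base_dir, name: str) -> bool:
    """True if the containment check refuses the name."""
    try:
        resolve_under_base(str(base_dir), name)
    except ValueError:
        return True
    return False


def demo() -> dict:
    """Exercise the checks against constructed inputs in a temp directory."""
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        reports = Path(tmp) / "reports"
        reports.mkdir()
        (reports / "inbox.txt").write_text("constructed report")
        # Constructed file outside reports/, standing in for server.xml.
        secret = Path(tmp) / "server.xml"
        secret.write_text("constructed config")
        # Symlink inside reports/ that points outside it.
        (reports / "escape").symlink_to(secret)

        results["id_ok"] = resolve_by_id(reports, 1).name == "inbox.txt"
        results["traversal_rejected"] = rejected(reports, "../server.xml")
        results["absolute_rejected"] = rejected(reports, str(secret))
        results["symlink_rejected"] = rejected(reports, "escape")
        results["dotdot_inside_allowed"] = not rejected(reports, "sub/../inbox.txt")
        results["plain_allowed"] = safe_delete_report(str(reports), "inbox.txt")
        results["secret_intact"] = secret.exists()
    return results


if __name__ == "__main__":
    for check, ok in demo().items():
        print(f"{check}: {'ok' if ok else 'FAILED'}")
```

Note the order of operations in resolve_under_base: a containment check on the un-resolved string (for example, testing that it starts with the base directory) passes "../server.xml" joined under the base and passes the "escape" symlink, because neither looks suspicious until the filesystem has interpreted it. Resolving first and checking second is the point of the realpath() mitigation.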
CVE ID | Title | Affected Product | CVSS | Risk Level | Published
CVE-2021-1306 | Cisco multiple products security vulnerability | Cisco Identity Services Engine Software | 4.4 | Medium | 2021-05-22
CVE-2021-22539 | Philipp Wollermann VScode-bazel security vulnerability | VSCode-Bazel | 8.2 | High | 2021-04-16
CVE-2021-27250 | D-Link DAP-2020 security vulnerability | DAP-2020 | 6.5 | - | 2021-04-14
CVE-2021-21343 | XStream security vulnerability | xstream | 5.3 | Medium | 2021-03-22
CVE-2020-25161 | Advantech WebAccess/SCADA WADashboard security vulnerability | Advantech WebAccess/SCADA | 9.8 | - | 2021-02-23
CVE-2020-26078 | Cisco IoT Field Network Director path traversal vulnerability | Cisco IoT Field Network Director (IoT-FND) | 4.9 | - | 2020-11-18
CVE-2020-6105 | F2fs.Fsck security vulnerability | F2fs-Tools | 7.8 | - | 2020-10-15
CVE-2020-8553 | Kubernetes security vulnerability | ingress-nginx | 5.9 | Medium | 2020-07-29
CVE-2019-3681 | Multiple SUSE products osc security vulnerability | SUSE Linux Enterprise Module for Development Tools 15 | 7.5 | High | 2020-06-29
CVE-2020-5296 | October CMS security vulnerability | october | 6.2 | Medium | 2020-06-03
CVE-2020-5297 | October CMS security vulnerability | october | 3.4 | Low | 2020-06-03
CVE-2020-2003 | Palo Alto Networks PAN-OS security vulnerability | PAN-OS | 6.5 | Medium | 2020-05-13
CVE-2020-2008 | Palo Alto Networks PAN-OS OS command injection vulnerability | PAN-OS | 7.2 | High | 2020-05-13
CVE-2020-2009 | Palo Alto Networks PAN-OS SD-WAN component security vulnerability | PAN-OS | 7.2 | High | 2020-05-13
CVE-2020-1984 | Palo Alto Networks Secdo input validation error vulnerability | Secdo | 7.8 | High | 2020-04-08
CVE-2020-9752 | Naver Cloud Explorer security vulnerability | Naver Cloud Explorer | 9.8 | - | 2020-03-23
CVE-2018-17246 | Elasticsearch Kibana Console plugin security vulnerability | Kibana | 10.0 | - | 2018-12-20
CVE-2018-14820 | Advantech WebAccess .dll component security vulnerability | Advantech WebAccess | 7.5 | - | 2018-10-23
CVE-2018-7495 | Multiple Advantech products security vulnerability | WebAccess | 7.5 | - | 2018-05-15
CVE-2014-2375 | Ecava IntegraXor SCADA Server information disclosure vulnerability | IntegraXor SCADA Server | 9.8 | - | 2014-09-15

CWE-73 (External Control of File Name or Path) is a common weakness class; this platform catalogues 350 CVE vulnerabilities associated with it.