Tomcat – Path Traversal

Description

During the scan, Kayran detected that your system might be vulnerable to Path Traversal (also known as Directory Traversal) attacks. The cause is the Tomcat version you’re using.

Path Traversal attacks aim to access files and directories that are stored outside the originally intended folder.
By manipulating file paths with sequences such as “../”, or by using absolute file paths, an attacker can gain access to files and directories that are stored on your system. The attacker can even gain access to your app’s source code and other critical settings affecting your assets.
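To check whether such requests have already reached the server, the following added example (not Kayran's or Tomcat's own code) scans access-log lines for "../" segments and absolute paths in request targets. It goes one step beyond the text by also normalising percent-encoded and backslash forms of the same sequence. It assumes the access log uses the common log format, and the sample lines are constructed.

```python
import re
from urllib.parse import unquote

# Request line of a common-log-format entry: "METHOD target PROTOCOL"
REQUEST_RE = re.compile(r'"[A-Z]+ (?P<target>\S+) HTTP/[\d.]+"')

def fully_decode(value, max_rounds=3):
    """Percent-decode repeatedly so double-encoded input is normalised too."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value.replace("\\", "/")

def traversal_reason(target):
    """Return why a request target looks like path traversal, or None."""
    path, _, query = target.partition("?")
    if ".." in fully_decode(path).split("/"):
        return "dot-dot segment in path"
    for pair in query.split("&"):
        value = fully_decode(pair.partition("=")[2])
        if ".." in value.split("/"):
            return "dot-dot segment in parameter"
        # Heuristic: flags any parameter holding an absolute path; tune per app.
        if value.startswith("/") or re.match(r"[A-Za-z]:/", value):
            return "absolute path in parameter"
    return None

def scan(lines):
    """Return (line_number, target, reason) for each suspicious log line."""
    findings = []
    for number, line in enumerate(lines, 1):
        match = REQUEST_RE.search(line)
        reason = traversal_reason(match.group("target")) if match else None
        if reason:
            findings.append((number, match.group("target"), reason))
    return findings

# Constructed sample lines (documentation addresses, not from a real system).
SAMPLE_LOG = [
    '192.0.2.13 - - [01/Jan/2024:10:00:00 +0000] "GET /app/search?q=a..b HTTP/1.1" 200 128',
    '192.0.2.11 - - [01/Jan/2024:10:00:05 +0000] "GET /app/download?file=../../WEB-INF/web.xml HTTP/1.1" 404 0',
    '192.0.2.11 - - [01/Jan/2024:10:00:06 +0000] "GET /app/%252e%252e/%252e%252e/conf/server.xml HTTP/1.1" 400 0',
    '192.0.2.12 - - [01/Jan/2024:10:00:09 +0000] "GET /app/download?file=/etc/hostname HTTP/1.1" 403 0',
]

if __name__ == "__main__":
    print(*scan(SAMPLE_LOG), sep="\n")
```

A hit only shows that a traversal-shaped request was received; the response status in the same log line indicates whether the server refused it.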

Recommendation

There are several ways to handle these situations. The main recommended solution is to update Tomcat to its latest version.

References

https://tomcat.apache.org/migration.html

https://cwe.mitre.org/data/definitions/22.html
