DetailedDraft

CAPEC-597Absolute Path Traversal

Abstraction
Detailed
Status
Draft

Description

An adversary with access to file system resources, either directly or via application logic, will use various file absolute paths and navigation mechanisms such as ".." to extend their range of access to inappropriate areas of the file system. The goal of the adversary is to access directories and files that are intended to be restricted from their access.

Related weaknesses· 1

CWE-36

Related attack patterns· 1

CAPEC-126 (ChildOf)

Exploits1

TypeTargetConfidenceTier
WeaknessAbsolute Path Traversalcwe-36100%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CAPEC
Path Traversal
CAPEC
Relative Path Traversal
CAPEC
DEPRECATED: Directory Traversal
CAPEC
Directory Indexing
CAPEC
Identify Shared Files/Directories on System
CAPEC
Symlink Attack
Sourced from MITRE CAPEC. Curated by Adam Lundqvist, SQUR.