Directory Traversal
What is Directory Traversal?
Directory Traversal: An attack that uses crafted path sequences such as ../ to escape an application's intended directory and read or write arbitrary files on the server.
Directory traversal (path traversal) targets applications that build filesystem paths from user input without proper canonicalization. By inserting sequences like ../, .., URL-encoded variants (%2e%2e%2f), or absolute paths, an attacker forces the application to access files outside the intended folder, exposing configuration secrets, source code, or system files such as /etc/passwd. In writable contexts the same flaw enables file overwrite and remote code execution. Defences include validating filenames against a strict allow-list, resolving paths and checking that the result remains within the expected root, using framework APIs that handle this safely, and running services under accounts that cannot read sensitive system files.
● Examples
- 01: A download endpoint with file=../../etc/passwd that returns the system password file.
- 02: An image viewer that follows ..%2f..%2fwindows%2fwin.ini and exposes a Windows configuration file.
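The two defences named in the definition (a strict filename allow-list, and resolving the path then checking it is still inside the expected root) can be shown side by side with the flawed concatenation pattern. The following is an added example, not code from this page; the serving directory /srv/app/public, the function names vulnerable_path and safe_path, and the inputs (taken from the two examples above plus a few encoded variants) are constructed for illustration.

```python
"""Added example: a path-traversal guard for a download endpoint.

The root directory, function names and sample inputs are constructed for
illustration and are not from the glossary page.
"""
import posixpath
import re
from typing import Optional
from urllib.parse import unquote

# Constructed: the only directory this endpoint is allowed to serve from.
SAFE_ROOT = "/srv/app/public"

# Strict allow-list for a single path segment: must start with a letter, digit
# or underscore, so ".." and "." never match, and it contains no separators.
ALLOWED_SEGMENT = re.compile(r"^[A-Za-z0-9_][A-Za-z0-9_.-]{0,63}$")


def vulnerable_path(user_file: str) -> str:
    """The flawed pattern: glue user input onto the root with no canonicalization.

    Passing the result to open() lets file=../../etc/passwd read the system
    password file, as in example 01 above.
    """
    return SAFE_ROOT + "/" + user_file


def safe_path(user_file: str, root: str = SAFE_ROOT) -> Optional[str]:
    """Return an absolute path under root, or None if the input would escape it.

    Applies both defences from the definition: allow-list each segment, then
    resolve and confirm the result still sits inside root.
    """
    # 1. Decode percent-encoding once, as the web framework would, so that
    #    %2e%2e%2f is seen as ../ . If any '%' survives, the value is still
    #    encoded (e.g. double-encoded %252e) and is rejected outright.
    decoded = unquote(user_file)
    if "%" in decoded or "\x00" in decoded:
        return None

    # 2. Treat backslashes as separators so ..\..\windows\win.ini is handled
    #    the same way as the forward-slash form on a Windows host.
    decoded = decoded.replace("\\", "/")

    # 3. Absolute paths are never a valid file selector here.
    if decoded.startswith("/"):
        return None

    # 4. Allow-list: every segment must be a plain name (this alone rejects "..").
    segments = [s for s in decoded.split("/") if s]
    if not segments or not all(ALLOWED_SEGMENT.match(s) for s in segments):
        return None

    # 5. Resolve and check containment (defence in depth). On a live
    #    filesystem use os.path.realpath so symlinks are resolved too;
    #    posixpath.normpath is used here so the example runs offline.
    candidate = posixpath.normpath(posixpath.join(root, *segments))
    if posixpath.commonpath([root, candidate]) != root:
        return None
    return candidate


def escapes_root(path: str, root: str = SAFE_ROOT) -> bool:
    """True when a (normalized) path lies outside root; shows what the flawed pattern yields."""
    return posixpath.commonpath([root, posixpath.normpath(path)]) != root


if __name__ == "__main__":
    # Constructed inputs: the page's two examples plus encoded variants and a legitimate file.
    for probe in ["report.pdf", "../../etc/passwd", "..%2f..%2fwindows%2fwin.ini",
                  "%2e%2e%2f%2e%2e%2fetc%2fpasswd", "/etc/passwd", "images/logo.png"]:
        print(f"{probe!r:40} vulnerable escapes root: {escapes_root(vulnerable_path(probe))!s:5} "
              f"safe_path -> {safe_path(probe)}")
```

The allow-list check in step 4 is what a practitioner should rely on; step 5 is there so that a later change to the allow-list (say, permitting dots at the start of a name) cannot silently reopen the hole.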
● Frequently asked questions
What is Directory Traversal?
An attack that uses crafted path sequences such as ../ to escape an application's intended directory and read or write arbitrary files on the server. It belongs to the Attacks & Threats category of cybersecurity.
What does Directory Traversal mean?
An attack that uses crafted path sequences such as ../ to escape an application's intended directory and read or write arbitrary files on the server.
How do you defend against Directory Traversal?
Defences for Directory Traversal typically combine technical controls and operational practices, as detailed in the full definition above.
What are other names for Directory Traversal?
Common alternative names include: Path traversal, Dot-dot-slash attack.