CWE-55
Path Equivalence: '/./' (Single Dot Directory)
The product accepts path input in the form of single dot directory exploit ('/./') without appropriate validation, which can lead to ambiguous path resolution and allow an attacker to traverse the file system to unintended locations or access arbitrary files.
Official CWE-55 definition at MITREImpactr finds and proves weaknesses like CWE-55 in your web apps and APIs - investigating, chaining, and validating each with a reproducible exploit.
Join the waitlist