Description
Directory traversal vulnerability in Apache HTTP Server and Tomcat 5.x before 5.5.22 and 6.x before 6.0.10, when using certain proxy modules (mod_proxy, mod_rewrite, mod_jk), allows remote attackers to read arbitrary files via a .. (dot dot) sequence with combinations of (1) "/" (slash), (2) "\" (backslash), and (3) URL-encoded backslash (%5C) characters in the URL, which are valid separators in Tomcat but not in Apache.
Remediation
References
Related Vulnerabilities
PHP Improper Input Validation Vulnerability (CVE-2007-4840)
Contao Improper Encoding or Escaping of Output Vulnerability (CVE-2019-19714)
IBM RTC Improper Restriction of XML External Entity Reference Vulnerability (CVE-2016-0284)
Django Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-0483)
Liferay DXP Insecure Default Initialization of Resource Vulnerability (CVE-2024-26267)