Description
Directory Traversal is a vulnerability which allows attackers to access restricted directories and execute commands outside of the web server's root directory.
The following programs are vulnerable:
Programs that publish files using WEBrick::HTTPServer.new with the :DocumentRoot option
Programs that publish files using WEBrick::HTTPServlet::FileHandler
Affected systems are:
1. Systems that accept backslash (\) as a path separator, such as Windows.
2. Systems that use case-insensitive filesystems, such as NTFS on Windows or HFS on Mac OS X.
Remediation
Your script should filter metacharacters from user input, including the backslash, before using the input in a file path, and perform any file name comparisons case-insensitively on the affected systems.
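A defensive path check covering both affected cases above, added here as an example and not taken from the advisory or from WEBrick's own code. DOC_ROOT, FORBIDDEN_BASENAMES and resolve_under_root are hypothetical names; the check is purely lexical, so nothing it references needs to exist on disk.

```ruby
# Constructed sample document root (hypothetical value).
DOC_ROOT = "/var/www/html".freeze

# Names that must never be served. Compared case-insensitively because on
# NTFS or HFS ".HTACCESS" opens the same file as ".htaccess".
FORBIDDEN_BASENAMES = %w[.htaccess .htpasswd].freeze

# Hypothetical helper (not WEBrick's own code): map a request path onto a
# filesystem path under doc_root, or return nil if it must be refused.
def resolve_under_root(doc_root, request_path)
  # Reject backslashes before any normalisation. On Windows Ruby's File
  # methods accept "\" as a separator, so "..\" traverses exactly like
  # "../" while a filter that only looks for "/" never sees it.
  return nil if request_path.include?("\\")
  # A NUL byte would truncate the path inside the C-level file APIs.
  return nil if request_path.include?("\0")

  root = File.absolute_path(doc_root)
  rel = request_path.sub(%r{\A/+}, "")
  rel = "." if rel.empty?
  # absolute_path collapses "." and ".." lexically and, unlike expand_path,
  # leaves a leading "~" alone instead of expanding it to a home directory.
  candidate = File.absolute_path(rel, root)

  # Allow-list check: the resolved path must lie at or below the root. A
  # literal prefix comparison is correct on every filesystem; on a
  # case-insensitive one it is merely stricter than necessary.
  return nil unless candidate == root || candidate.start_with?(root + "/")

  # Deny-list check: sensitive names must be matched case-insensitively.
  base = File.basename(candidate)
  return nil if FORBIDDEN_BASENAMES.any? { |name| base.casecmp?(name) }

  candidate
end

# Constructed request paths a handler might receive.
[
  "/images/logo.png",
  "/docs/../index.html",
  "/../../etc/passwd",
  "..\\..\\windows\\win.ini",
  "/.HTACCESS",
].each do |path|
  puts "#{path.inspect} => #{resolve_under_root(DOC_ROOT, path).inspect}"
end
```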