Path traversal vulnerability elimination in software sought by feds

3 May 2024

Software firms have been urged by the FBI and Cybersecurity and Infrastructure Security Agency to ensure the absence of path traversal or directory traversal vulnerabilities in their products prior to shipping, BleepingComputer reports. Mitigating such flaws, which could be exploited to facilitate code execution and authentication bypass, could be achieved through random identifier generation for files and separate metadata storage, character restrictions in file names, and removing executable permissions in uploaded files, said the agencies in a joint advisory.

Source: SC Magazine

Date:

3 May 2024

Categorie(s):

NEWS

Tag(s):

IT, Network Security, News, Path

Cyberthreats linked to foreign actors aim to hinder Election Day proceedings5 November 2024
DocuSign’s API used to lure victims into e-signing fake invoices5 November 2024
Schneider Electric ransomware crew demands $125k paid in baguettes5 November 2024
How to Become a Chief Information Officer: CIO Cheat Sheet5 November 2024
Research: Extending corporate life of laptops by just one year can reduce harmful emissions by 25%5 November 2024