skip to Main Content
This website use cookies which are necessary to its functioning and required to achieve the purposes illustrated in the privacy policy. To learn more or withdraw consent please click on Learn More. By continued use of this website you are consenting to our use of cookies.

GLOSSARY

Directory Traversal Attack

A directory traversal attack is a cyberattack in which an attacker gains access to restricted directories and can execute commands outside of a server’s root directory.

A directory traversal attack is a cyberattack in which an attacker gains access to restricted directories and can execute commands outside of a server’s root directory. A directory traversal attack is also known as a path traversal attack, dot-dot-slash attack, or a directory-climbing attack. In some cases, a directory traversal attack might enable an attacker to arbitrarily write to server files, allowing them to modify application data or behavior and potentially take complete control of the server. For example, an attacker executes a directory traversal attack by manipulating variables that reference files with “dot-dot-slash (../)” sequences and their variations or using absolute file paths.

Want to learn more? Check out our FREE Bugcrowd University to sharpen your hacking skills.

Organizations the world over need your help! Join our researcher community to connect with hundreds of organization programs focused on finding their security vulnerabilities. Our vast directory includes programs for all skill levels, across many industries and from around the world.

Back To Top