Access Control: Nginx Server - Local File Inclusion¶

Identifier: nginx_merge_slashes_path_traversal

Scanner(s) Support¶

Description¶

Nginx servers with merge_slashes disabled are vulnerable to local file inclusion attacks when multiple slashes are used in paths.

How we test: We test for path traversal vulnerabilities in Nginx by injecting paths with multiple slashes and analyzing responses to detect if local files can be included and their contents exposed.

Reference:

• https://github.com/detectify/ugly-duckling/blob/master/modules/crowdsourced/nginx-merge-slashes-path-traversal.json
• https://medium.com/appsflyer/nginx-may-be-protecting-your-applications-from-traversal-attacks-without-you-even-knowing-b08f882fd43d

Configuration¶

Example¶

Example configuration:

---
security_tests:
  nginx_merge_slashes_path_traversal:
    skip: false

Reference¶

skip¶

Type : boolean

Skip the test if true.