CVE-2022–31457.

RTX TRAP v1.0 allows attackers to perform a directory traversal

Discovered by: Shifa Cyclewala & Rohit Gautam from Hacktify Cyber Security

Reference:
https://www.acunetix.com/vulnerabilities/web/directory-listings/

What is Directory Traversal?

Directory traversal, also known as path traversal or directory climbing, is a vulnerability that allows an attacker to access files and directories outside of the intended scope of a web application. It occurs when an application does not properly validate and sanitize user-supplied input used to construct file paths or directory locations.

In a directory traversal attack, the attacker manipulates file path parameters to traverse up and down the directory structure, accessing files or directories that should be restricted. The attacker can potentially view sensitive files, execute arbitrary code, or perform unauthorized actions on the server.

Bug Description:

To exploit the vulnerability attacker can send a request to /data/ endpoint which discloses sensitive information and it is able to perform Directory Listing and steal files in RTX TRAP v1.0

Steps to Reproduce

Step1: Go to this https://example.com

Step 2: Send the crafted request sent to the endpoint /data/.

LinkedIn:
https://www.linkedin.com/in/shifa
https://www.linkedin.com/in/iamrohitg

Thank you
Shifa Cyclewala & Rohit Gautam from Hacktify Cyber Security