Upload Temp Directory is Everyone

By
Jijith Rajan
Published on
02 Jul 2018
Vulnerability

The Tmp dir is used to store temporary files that need to be uploaded to the server. There are many servers having this vulnerability through which, the Upload tmp dir is accessible to everyone. The upload_tmp_dir allows a developer to specify where uploaded files should be saved until the handling script moves them to a more permanent location. If this file is within the document root of the website and/or accessible to system users other than PHP’s user, it could be modified or overwritten while PHP is processing it. By default, upload_tmp_dir is set to the system’s standard temporary directory, which can typically be accessed by all system users.

Impact

The impact include:-

  • Denial of service attack
  • Code injection attacks

Mitigation / Precaution

Beagle recommends the following fixes:-

  • Try to upload tmp dir outside the document root of the web application.
  • Make sure to Upload tmp dir to a non-readable or writable folder so that no other system users can modify the contents of the folder.
Automated human-like penetration testing for your web apps & APIs
Teams using Beagle Security are set up in minutes, embrace release-based CI/CD security testing and save up to 65% with timely remediation of vulnerabilities. Sign up for a free account to see what it can do for you.

Written by
Jijith Rajan
Jijith Rajan
Cyber Security Engineer
Experience the Beagle Security platform
Unlock one full penetration test and all Advanced plan features free for 10 days
Find surface-level website security issues in under a minute
Free website security assessment
Experience the power of automated penetration testing & contextual reporting.