Remote administrative access

By Sooraj V Nair
Published on 02 Mar 2022

The administration page is used to completely control the web application. It has full privileges over the application and can change any content on the server. If access to the web content is not properly restricted, the server can be breached. This vulnerability is open to directory traversal (also called path traversal), an HTTP attack that allows attackers to access restricted directories and execute commands outside of the web server's root directory.

Impact

The impact of this vulnerability includes:

  • An attacker will gain complete access to the application.
  • Possible manipulation of data.
  • Possible leakage of sensitive information.
  • Reading, updating and deleting arbitrary data/tables from the database
  • Executing commands on the underlying operating system

Mitigation / Precaution

This vulnerability can be fixed by:

  • Ensuring you have installed the latest version of your web server
  • Effectively filtering all the user input
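
One way to apply the input filtering above to file paths, shown as an added example that is not part of the original article: resolve the requested path and reject it unless the result stays under the web root. The names resolve_under_root and PathRejected, and the temporary directory layout, are hypothetical.

```python
import tempfile
from pathlib import Path
from urllib.parse import unquote


class PathRejected(ValueError):
    """Raised when a requested path would leave the web root."""


def resolve_under_root(web_root: str, requested: str) -> Path:
    """Map a URL path to a file inside web_root, or raise PathRejected."""
    # Decode percent-encoding once, as the server would, before any checks.
    decoded = unquote(requested)
    if "\x00" in decoded:
        raise PathRejected("NUL byte in path")
    # Treat backslashes as separators so Windows-style input is not missed.
    relative = decoded.replace("\\", "/").lstrip("/")
    root = Path(web_root).resolve()
    # resolve() collapses ".." and follows symlinks, so the comparison
    # below is made on the location that would really be opened.
    candidate = (root / relative).resolve()
    if candidate != root and root not in candidate.parents:
        raise PathRejected(f"{requested!r} resolves outside the web root")
    return candidate


def check_samples() -> dict:
    """Run constructed sample requests against a temporary web root."""
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp) / "www"
        (root / "admin").mkdir(parents=True)
        (root / "admin" / "index.html").write_text("admin")
        (Path(tmp) / "secret.txt").write_text("outside root")
        samples = [
            "/admin/index.html",
            "/admin/../admin/index.html",
            "/../secret.txt",
            "/%2e%2e/secret.txt",
            "/admin/..\\..\\secret.txt",
            "/admin/index.html%00.png",
        ]
        for s in samples:
            try:
                resolve_under_root(str(root), s)
                results[s] = "allowed"
            except PathRejected:
                results[s] = "rejected"
    return results
```

The check only confines file access to the web root; the administration page itself still needs authentication and authorization in front of it.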

Written by Sooraj V Nair, Cyber Security Engineer