Type: Bug
Resolution: Unresolved
Vulnerability Details
CWE Type(s): CWE-78
Severity: MEDIUM
Team: Unassigned
Location
- File: benchmarks/dynamo/common.py
- Lines: 4215
Description
Path Traversal in Output File Handling - Missing validation for path traversal patterns in user-controlled file paths (args.output and args.output_directory).
Impact
Attackers can write output files to arbitrary locations on the filesystem through path traversal sequences (.., ./, etc.).
Root Cause
Missing validation for path traversal patterns in user-controlled file paths. User-provided output filenames and directories are used without checking for traversal sequences.
Fix Status
MR Link: https://gitlab.com/redhat/rhel-ai/team-pytorch/pytorch/-/merge_requests/97
Fix Branch: security-fix-Command_Injection-cwe78_common_path_traversal
Status: IMPLEMENTED
Related Exploit Files
- test_cwe78_common.py
Exploit Code Sample
import os

# Malicious path traversal attempts
malicious_paths = [
    "../../../etc/passwd",
    "../../sensitive/file.txt",
    "./././../../../root",
    "normal/../../../etc/shadow",
]

# Vulnerable code accepts these without validation
# (args is the argparse namespace parsed in benchmarks/dynamo/common.py)
output_filename = args.output  # No validation
if args.output_directory:
    output_filename = os.path.join(args.output_directory, output_filename)
References
- CWE Reference: https://cwe.mitre.org/data/definitions/78.html
Generated by CI Security Bot