CAPEC-78 : Using Escaped Slashes in Alternate Encoding
This attack targets the use of the backslash in alternate encoding. An adversary can provide a backslash as a leading character and causes a parser to believe that the next character is special. This is called an escape. By using that trick, the adversary tries to exploit alternate ways to encode the same character which leads to filter problems and opens avenues to attack.
https://capec.mitre.org/data/definitions/78.htmlRelated CWE definitions
The product receives input or data, but it does
not validate or incorrectly validates that the input has the
properties that are required to process the data safely and
correctly.
The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.
The product allows user input to control or influence paths or file names that are used in filesystem operations.
The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component.
The product does not properly encode or decode the data, resulting in unexpected values.
The product does not properly handle when an input uses an alternate encoding that is valid for the control sphere to which the input is being sent.
The product validates input before it is canonicalized, which prevents the product from detecting data that becomes invalid after the canonicalization step.
The product validates data before it has been filtered, which prevents the product from detecting data that becomes invalid after the filtering step.
The product compares two entities in a security-relevant context, but the comparison is incorrect, which may lead to resultant weaknesses.
The product does not ensure or incorrectly ensures that structured messages or data are well-formed and that certain security properties are met before being read from an upstream component or sent to a downstream component.
Please note that CAPEC definitions are provided as a quick reference only.
Visit http://capec.mitre.org/ for a complete list of CAPEC entries
and more information.