The product validates data before it has been filtered, which prevents the product from detecting data that becomes invalid after the filtering step.
View on MITREThis can be used by an attacker to bypass the validation and launch attacks that expose weaknesses that would otherwise be prevented, such as injection.
Inputs should be decoded and canonicalized to the application's current internal representation before being filtered.
No detection method information available for this CWE.
This script creates a subdirectory within a user directory and sets the user as the owner.
While the script attempts to screen for '..' sequences, an attacker can submit a directory path including ".~.", which will then become ".." after the filtering step. This allows a Path Traversal (CWE-21) attack to occur.
Directory traversal vulnerability allows remote attackers to read or modify arbitrary files via invalid characters between two . (dot) characters, which are filtered and result in a ".." sequence.
View DetailsDirectory traversal vulnerability allows attackers to overwrite arbitrary files via invalid characters between two . (dot) characters, which are filtered and result in a ".." sequence.
View DetailsCWE-181: Incorrect Behavior Order: Validate Before Filter is a Common Weakness Enumeration (CWE) entry maintained by MITRE. The product validates data before it has been filtered, which prevents the product from detecting data that becomes invalid after the filtering step. This can be used by an attacker to bypass the validation and launch attacks that expose weaknesses that would otherwise be prevented, such as injection.
If exploited, CWE-181 (Incorrect Behavior Order: Validate Before Filter) it can compromise Access Control, leading to outcomes such as Bypass Protection Mechanism.
Recommended mitigations for CWE-181 include: Inputs should be decoded and canonicalized to the application's current internal representation before being filtered.
CWE-181 commonly affects Not Language-Specific. Note that weaknesses are often language-agnostic patterns, so secure coding practices apply broadly.
MITRE documents real CVEs mapped to CWE-181, including CVE-2002-0934 and CVE-2003-0282. You can look up the full details of each CVE, including CVSS scores and remediation guidance, on our CVE Lookup tool.
A CWE (Common Weakness Enumeration) like CWE-181 describes a category of software weakness — the underlying flaw type. A CVE (Common Vulnerabilities and Exposures) identifies a specific, real-world vulnerability in a particular product. In short, a CWE is the kind of mistake, and a CVE is an instance of that mistake being found in software.