This vulnerability occurs when an application saves sensitive files, such as configuration or user data, within the directory served by an FTP server without proper access restrictions. This misconfiguration can allow unauthorized users to download these files directly.
FTP servers are designed to share files, so any data placed within their root directory becomes potentially accessible to anyone who can connect. If sensitive files like `.env`, backup archives, or database dumps are stored there, attackers can easily retrieve them by simply browsing or using automated tools, leading to immediate data exposure. To prevent this, developers should never use the FTP root as a general storage location for sensitive data. Instead, confidential files must be kept outside the publicly served directory tree, with strict operating system permissions and FTP server configuration ensuring that only authorized processes can access them. Regular audits of the FTP directory contents are essential to catch accidental misplacements.
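The two defensive controls described above, keeping confidential files outside the served tree and auditing the FTP root for misplaced files, can be turned into a small check. The script below is an added example, not code from the original page or from any FTP server project; the filename patterns, the temporary directory layout and the `.env` contents are all constructed for the demonstration. It walks a directory the way an auditor would walk an FTP root, flags files whose names suggest secrets, backups or database dumps, notes whether they are world-readable, and separately verifies that the application's storage directory does not resolve to a location inside the served tree.

```python
"""Audit an FTP-served directory tree for sensitive files (added example)."""
import os
import stat
import tempfile
from fnmatch import fnmatch
from pathlib import Path

# Constructed list of filename patterns that commonly hold secrets,
# backup archives or database dumps; extend it to match your environment.
SENSITIVE_PATTERNS = (
    ".env", "*.env", "*.sql", "*.dump", "*.bak", "*.tar.gz", "*.zip",
    "*.sqlite", "*.db", "*.pem", "*.key",
)


def is_sensitive_name(name: str) -> bool:
    """True when the file name matches a pattern associated with secrets or dumps."""
    return any(fnmatch(name, pat) for pat in SENSITIVE_PATTERNS)


def is_inside(path, root) -> bool:
    """True when `path` lies within `root` after resolving symlinks and '..'."""
    try:
        Path(path).resolve().relative_to(Path(root).resolve())
        return True
    except ValueError:
        return False


def audit_ftp_root(root):
    """Walk the served tree and report every file that should not be there.

    Returns a sorted list of dicts: {"path": <relative POSIX path>, "reasons": [...]}.
    """
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if not is_sensitive_name(name):
                continue
            full = os.path.join(dirpath, name)
            reasons = ["sensitive filename pattern"]
            # An FTP daemon often runs as its own account, so "other" read
            # permission is what decides whether it can serve the file.
            if os.lstat(full).st_mode & stat.S_IROTH:
                reasons.append("world-readable")
            rel = Path(os.path.relpath(full, root)).as_posix()
            findings.append({"path": rel, "reasons": reasons})
    return sorted(findings, key=lambda f: f["path"])


def storage_path_is_exposed(ftp_root, storage_dir) -> bool:
    """True when the application's storage directory sits inside the FTP root,
    which is exactly the misconfiguration this page describes."""
    return is_inside(storage_dir, ftp_root)


def demo():
    """Build a constructed FTP root in a temp dir, audit it, and return the results."""
    with tempfile.TemporaryDirectory() as tmp:
        ftp_root = Path(tmp, "ftp_root")
        # Benign public content.
        (ftp_root / "public").mkdir(parents=True)
        (ftp_root / "public" / "readme.txt").write_text("hello\n")
        # Sensitive files mistakenly saved under the served tree (constructed).
        (ftp_root / ".env").write_text("DB_PASSWORD=example-not-real\n")
        (ftp_root / "backups").mkdir()
        (ftp_root / "backups" / "db-2024-01-01.sql").write_text("-- dump\n")
        # Correct location: a directory outside the served tree.
        safe_dir = Path(tmp, "app_data")
        safe_dir.mkdir()
        (safe_dir / ".env").write_text("DB_PASSWORD=example-not-real\n")

        findings = audit_ftp_root(ftp_root)
        exposed = storage_path_is_exposed(ftp_root, ftp_root / "backups")
        safe = storage_path_is_exposed(ftp_root, safe_dir)
        return findings, exposed, safe


if __name__ == "__main__":
    found, backups_exposed, app_data_exposed = demo()
    for f in found:
        print(f"{f['path']}: {', '.join(f['reasons'])}")
    print("backups inside FTP root:", backups_exposed)
    print("app_data inside FTP root:", app_data_exposed)
```

Run it as a scheduled job against the real FTP root (replace the temp directory in `demo()` with the server's configured root) and treat any finding as an incident to triage; the `storage_path_is_exposed` check belongs in the application's startup or deployment validation so that a storage directory pointing into the served tree fails fast rather than silently publishing data.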
Impact: Read Application Data