CWE-76 – Improper Neutralization of Equivalent Special Elements

Read Time:54 Second

Description

The software properly neutralizes certain special elements, but it improperly neutralizes equivalent special elements.

The software may have a fixed list of special characters it believes is complete. However, there may be alternate encodings, or representations that also have the same meaning. For example, the software may filter out a leading slash (/) to prevent absolute path names, but does not account for a tilde (~) followed by a user name, which on some *nix systems could be expanded to an absolute pathname. Alternately, the software might filter a dangerous “-e” command-line switch when calling an external program, but it might not account for “–exec” or other switches that have the same semantics.

Modes of Introduction:

– Architecture and Design

Likelihood of Exploit: High

 

Related Weaknesses

CWE-75

 

Consequences

Other: Other

 

Potential Mitigations

Phase: Requirements

Effectiveness:

Description: 

Programming languages and supporting technologies might be chosen which are not subject to these issues.

Phase: Implementation

Effectiveness:

Description: 

Utilize an appropriate mix of allowlist and denylist parsing to filter equivalent special element syntax from all input.

CVE References