Detections
Analytics
Filepaths contain Dangerous characters (Windows)
info Nessus Plugin ID 168981
Language:
Synopsis
This Tenable product detected files or paths on the scanned Windows system which contain characters with command injection or privilege escalation potential.Description
This Tenable product detected files or paths on the scanned Windows system which contain characters with command injection or privilege escalation potential. Although characters such as singlequote, ampersand, and semicolon are perfectly valid Windows filepath characters, use of them may lead to problems or security compromise when used in further commands.This product has chosen in certain plugins to avoid digging within those files and directories for security reasons.
These should be renamed to avoid security compromise.
Solution
Rename these files or folders to not include dangerous characters.Plugin Details
Severity: Info
ID: 168981
File Name: dangerous_filepaths_win.nasl
Version: 1.0
Type: summary
Agent: windows
Family: Windows
Published: 12/21/2022
Updated: 12/21/2022
Supported Sensors: Nessus
Vulnerability Information
Required KB Items: Host/Windows/dangerous_filepaths_found