Information Leakage / Directory Listing
Directory listing is an information leakage vulnerability that occurs when a web or API server allows directory contents to be read, usually through a web browser, without proper authentication. This allows attackers to access sensitive files, such as configuration and log files, which may contain valuable information or credentials. Directory listing is classified as CWE-548 and as an A1 vulnerability in the OWASP Top 10.
Directory listing can allow attackers to access sensitive information, such as source code, passwords, or encryption keys, which could be used to gain access to a system. Additionally, directory listing can allow attackers to gain a comprehensive view of the system's architecture and can be used to identify potential attack vectors.
The best way to prevent directory listing is to limit its scope. This can be done by disabling directory listing at the web server or API level, or by using a web application firewall to block requests to certain directories. If directory listing is necessary, require authentication or authorization before allowing access.
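One way to verify that listing is disabled at the web server, as an added example that is not from the original page: a small Python audit that flags the directives that turn directory listing on in Apache (Options Indexes, Options All) and nginx (autoindex on;) configuration text. The sample fragments and their paths are constructed for illustration.

```python
import re

# Apache enables listing when Options names Indexes, +Indexes or All.
APACHE_OPTIONS = re.compile(r"^\s*Options\s+(.+)$", re.IGNORECASE)
# nginx enables listing with "autoindex on;" in the enclosing block.
NGINX_AUTOINDEX = re.compile(r"^\s*autoindex\s+(on|off)\s*;", re.IGNORECASE)
ENABLING_TOKENS = {"indexes", "+indexes", "all"}


def audit_config(text):
    """Return (line_number, directive) for each line that enables listing."""
    findings = []
    for number, raw in enumerate(text.splitlines(), start=1):
        line = raw.split("#", 1)[0].strip()  # ignore comments
        apache = APACHE_OPTIONS.match(line)
        nginx = NGINX_AUTOINDEX.match(line)
        if apache:
            tokens = {t.lower() for t in apache.group(1).split()}
            if tokens & ENABLING_TOKENS:
                findings.append((number, line))
        elif nginx and nginx.group(1).lower() == "on":
            findings.append((number, line))
    return findings


# Constructed sample fragments; the paths are assumptions for illustration.
SAMPLE_APACHE = """\
<Directory "/var/www/html/webdav">
    Options Indexes FollowSymLinks
</Directory>
<Directory "/var/www/html/app">
    Options -Indexes
</Directory>
# Options +Indexes
"""
SAMPLE_NGINX = """\
location /webdav/ {
    autoindex on;
}
location /static/ {
    autoindex off;
}
"""

if __name__ == "__main__":
    for name, cfg in (("apache", SAMPLE_APACHE), ("nginx", SAMPLE_NGINX)):
        for number, directive in audit_config(cfg):
            print(f"{name}:{number}: directory listing enabled by {directive!r}")
```

Each finding should be changed to Options -Indexes or autoindex off; unless the listing is intentional and sits behind authentication.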
The following code example is taken from CVE-2018-17153:
GET /webdav/ HTTP/1.1
Host: vulnerable.example.com
Accept: */*