Categories
Jargon Buster

Jargon Buster What is File Inclusion Vulnerability

what is file inclusion vulnerability

Thom explains File Inclusion Vulnerability

Learn more about this type of vulnerability in the latest edition of JUMPSEC’s Jargon Buster series. Cyber security expert Thom explains what is meant by the term “File Inclusion Vulnerability”.


Video transcript:

“A file inclusion vulnerability occurs when a web page contains references to a file and allows the reference to point to either local files on the vulnerable device or remote files hosted elsewhere. Both local and remote file inclusion are serious vulnerabilities and can result in the complete compromise of a device, this could be done via including files that allow for the execution of attacker-controlled code. Other consequences might also include extracting source code files from the web application server or retrieving credentials for remote access to the device.”