Path traversal is a filesystem access vulnerability where an application processes user-controlled input and uses it to build a file path without properly restricting where that path can point. An attacker can insert a string or sequence like ../ and may be able to navigate the directory tree to access files outside the intended directory.
A simple example is a download endpoint that expects a filename within a safe directory but does not validate the user-supplied path. If the application blindly appends user input to a base path, an attacker may be able to request files such as configuration files, logs, environment files, or system credentials by traversing into parent or sibling directories. Variants also exist on Windows-based systems, where backslashes, absolute paths, or encoded characters can be used to bypass basic filters.
The vulnerability is not limited to reading files. In some cases path traversal can also lead to arbitrary file write or overwrite, which may enable code execution if the attacker can place content in a web root, upload directory, or other application-controlled path that can later be accessed by a browser or CLI. The severity depends heavily on what the application can do with the referenced file.
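As an added illustration (not code from the original page), the vulnerable join described above is shown beside a hardened version that canonicalises the path and checks containment. The sandbox directory, the `report.txt` and `secret.env` files, and the function names are constructed for this example.

```python
import os
import tempfile
from pathlib import Path
from urllib.parse import unquote

# Constructed sandbox: a base directory holding one legitimate file, plus a
# "secret" file one level above it that the endpoint must never serve.
ROOT = Path(tempfile.mkdtemp())
BASE_DIR = ROOT / "downloads"
BASE_DIR.mkdir()
(BASE_DIR / "report.txt").write_text("quarterly report")
(ROOT / "secret.env").write_text("DB_PASSWORD=hunter2")


def vulnerable_download(filename: str) -> str:
    """The flaw described above: user input is joined onto the base path
    with no check. os.path.join also discards BASE_DIR entirely when the
    supplied name is an absolute path."""
    with open(os.path.join(BASE_DIR, filename)) as fh:
        return fh.read()


def safe_download(filename: str) -> str:
    """Decode, canonicalise, then verify the result still lives under BASE_DIR.

    Decoding first means %2e%2e-style input is checked in its decoded form;
    resolve() collapses '..' segments and symlinks before the containment
    check, so the comparison is made on the real filesystem location."""
    decoded = unquote(filename)
    candidate = (BASE_DIR / decoded).resolve()
    try:
        candidate.relative_to(BASE_DIR.resolve())
    except ValueError:
        raise PermissionError(f"path escapes base directory: {filename!r}")
    if not candidate.is_file():
        raise FileNotFoundError(filename)
    return candidate.read_text()


def is_rejected(filename: str) -> bool:
    """True when the hardened endpoint refuses the request as an escape."""
    try:
        safe_download(filename)
    except PermissionError:
        return True
    return False
```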
Web application penetration testing can be procured to help identify potential path traversal vulnerabilities when file handling or export features are in scope for testing. Vulnerability scanning can often identify trivial path traversal weaknesses, but manually-led testing is recommended because exploitability and impact depend on application-specific path handling.