Potential file extension spoofing using right-to-left override

Intel Name: Potential file extension spoofing using right-to-left override

Date of Scan: November 19, 2024

Impact: Medium

Summary:
“Potential File Extension Spoofing Using Right-to-Left Override” refers to a security technique where attackers exploit the Right-to-Left Override (RTLO) character in file names to manipulate how file extensions are displayed. The RTLO character causes text to be rendered in reverse order, allowing attackers to make a malicious file appear as a harmless one. For example, they could make a file with a “.exe” extension appear as a “.jpg” image file by placing the RTLO character before the extension, tricking users into opening a potentially dangerous file. This method can be used to bypass security checks and deceive users into executing malicious software.

More Details