HTTP PUT method allows a client to submit data to be saved on the web server as the filename specified by the URI, or to update a file with new data. This can allow an attacker to overwrite or modify existing sensitive files.
- Disable HTTP PUT method when not needed.
- Properly configure web server so a remote client can not overwrite arbitrary files.
- Properly sanitize and validate client requests.