Remote File Inclusion (RFI) is a type of attack that targets web applications which dynamically reference external scripts. The attacker exploits the referencing function to upload malware (e.g. backdoor shells) from a remote URL located on a different domain. Once this is done, the malware can be stored until a function is executed that triggers it to harm the website.
Remote File Inclusion generally occurs when a web application receives the path of the file to be included as input and does not properly sanitise it, which allows an external URL to be supplied to the include statement. Successful RFI attacks can result in information or file disclosure, compromised servers, and site control that allows content to be modified, all of which can be highly damaging to both users and website owners.
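
The unsanitised include described above, next to a hardened form, as an added example that is not from the original page. It assumes PHP 8; the `page` parameter, the `pages/` directory and the page names are hypothetical.

```php
<?php
declare(strict_types=1);

// Vulnerable pattern (kept as a comment so this file is safe to run):
// the request parameter flows straight into include, so when the
// allow_url_include setting is enabled a URL on another domain is
// fetched and executed as PHP.
//
//   include $_GET['page'] . '.php';

// Constructed allowlist: logical page name => file shipped with the app.
const PAGES = [
    'home'    => 'home.php',
    'about'   => 'about.php',
    'contact' => 'contact.php',
];

/**
 * Map untrusted input to a local file, or return null if it is not
 * allowlisted. The input is only used as an array key, never as a path.
 */
function resolve_page(mixed $requested, string $baseDir): ?string
{
    if (!is_string($requested) || !array_key_exists($requested, PAGES)) {
        return null;
    }
    $base = realpath($baseDir);
    $path = realpath($baseDir . DIRECTORY_SEPARATOR . PAGES[$requested]);
    // Defence in depth: the file must exist and sit inside the base directory.
    if ($base === false || $path === false
        || !str_starts_with($path, $base . DIRECTORY_SEPARATOR)) {
        return null;
    }
    return $path;
}

$file = resolve_page($_GET['page'] ?? 'home', __DIR__ . '/pages');
if ($file === null) {
    http_response_code(404);
    exit('Page not found');
}
include $file; // only ever a fixed, local, allowlisted file
```

Keeping `allow_url_include = Off` in `php.ini` (the default) is a second layer: even if a user-controlled path reaches `include`, PHP will refuse to load it from a remote URL.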