Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Insecure File Upload Vulnerability #62

Open
Xiqinger opened this issue Mar 14, 2024 · 1 comment
Open

Insecure File Upload Vulnerability #62

Xiqinger opened this issue Mar 14, 2024 · 1 comment

Comments

@Xiqinger
Copy link

1. PathTravel

The current implementation of the file upload functionality lacks proper filtering and validation of the uploaded file names. This allows attackers to upload files with malicious names that can potentially traverse to arbitrary paths on the server. By exploiting this vulnerability, an attacker can upload files to unintended directories, potentially compromising the system's integrity and confidentiality.

It is necessary to implement robust checks on the file name obtained from file.getOriginalFilename() to ensure it does not contain any path traversal sequences like "..". Additionally, validate the final path to ensure it falls within the intended directory specified by the "dir" parameter.

image

2. Duplicate File Uploads

The current implementation of the file upload feature does not include a file renaming mechanism. This poses a risk as it allows for the overwriting of existing files with the same name. This functionality gap can be exploited by attackers to maliciously overwrite files belonging to other users, leading to data loss or unauthorized access to sensitive information.

@renanmin
Copy link

renanmin commented Mar 14, 2024 via email

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants