Vulnerability: Lack of File Upload Extension Control in DevTest 10.6
Article ID: 217538

Products

Service Virtualization

Issue/Introduction

File upload not validating extension

We have recently purchased/installed DevTest 10.6, and our security team has shared the findings below:

Many applications use file upload features to load various data and allow editing. However, only the file types the application actually needs should be allowed for loading; the application's needs should be observed when determining which file types to allow. Otherwise, attackers can upload a different file type and perform attacks such as defacement, command execution, roaming system files, and exploiting local vulnerabilities.

For example, when uploading RR files, we should be using .zip files.
However, we found that the extension can be modified and files with any extension can be uploaded.
This is an example in which we sent a POST request with the uploaded file's extension set to .HTML.

Expectation: file extension and content validation
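The validation the finding asks for, as an added illustration (not DevTest code and not a description of the 10.7 fix): an upload handler that enforces a .zip allowlist case-insensitively, so a renamed .HTML is rejected, and then parses the bytes so that a renamed HTML file named *.zip is rejected too. The allowlist, the `make_zip` sample data and the entry-name check are assumptions of this example.

```python
import io
import os
import zipfile

# Constructed allowlist: the article says RR uploads are expected to be .zip files.
ALLOWED_EXTENSIONS = {".zip"}
ZIP_MAGIC = b"PK\x03\x04"  # signature of the first ZIP local file header

class UploadRejected(ValueError):
    """Raised when an upload fails extension or content validation."""

def validate_upload(filename: str, data: bytes) -> str:
    """Check the extension allowlist, then the bytes; return the safe basename.
    The check is case-insensitive (session.HTML fails like session.html) and the
    content is parsed, so a renamed HTML file fails even when named *.zip."""
    base = os.path.basename(filename)  # ignore any client-supplied directory
    root, ext = os.path.splitext(base)
    if not root or ext.lower() not in ALLOWED_EXTENSIONS:
        raise UploadRejected(f"extension not allowed: {ext!r}")
    if not data.startswith(ZIP_MAGIC):
        raise UploadRejected("content does not look like a ZIP archive")
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            if zf.testzip() is not None:
                raise UploadRejected("ZIP archive is corrupt")
            for name in zf.namelist():  # entries must not escape the extract dir
                if name.startswith(("/", "\\")) or ".." in name.split("/"):
                    raise UploadRejected(f"unsafe entry name: {name!r}")
    except zipfile.BadZipFile as exc:
        raise UploadRejected(f"ZIP archive could not be parsed: {exc}") from exc
    return base

def is_valid_upload(filename: str, data: bytes) -> bool:
    """Boolean form of validate_upload, convenient for tests and logging."""
    try:
        validate_upload(filename, data)
        return True
    except UploadRejected:
        return False

def make_zip(entries: dict) -> bytes:
    """Build a ZIP archive in memory (constructed sample data, not real RR files)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, content in entries.items():
            zf.writestr(name, content)
    return buf.getvalue()
```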


Environment

Release : 10.6

Component : CA Service Virtualization

Cause

N/A

Resolution

This will be addressed in DevTest 10.7