A potentially dangerous file is a file that runs malicious code to harm the server or the client. Some servers allow files of any type to be uploaded. This lets an attacker upload or transfer files of dangerous types that can be automatically processed within the product's environment.
The following are the possible vulnerabilities the application may face due to a potentially dangerous file:
- Remote inclusion: This attack involves adding malicious files to the server remotely.
- Linux local file disclosure: An attacker gains access to all files on a server running Linux.
- BSD local file disclosure: An attacker has access to a server running a BSD OS.
- Unix local file disclosure: This attack allows the attacker to access files on a server running a UNIX-based OS.
- Windows local file disclosure: This attack gives an attacker access to all files on the server. It affects servers running Windows.
- File disclosure attack using the include_path: The attacker can use PHP's include_path to access all the files on the server.
Using this vulnerability, an attacker can:
- perform code execution on the server.
- perform Denial of Service.
- leak sensitive information from the application.
Mitigation / Precaution
Beagle recommends the following fixes:
- Allow only specific file extensions.
- Allow only authorised and authenticated users to use the feature.
- Make sure that the uploaded file is actually an image or whatever file type you expect.
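
The three fixes above can be combined into one server-side check. The following is an added example, not Beagle's code: the function name `validate_upload`, the `UploadRejected` exception, the allowlist contents and the sample inputs are all assumptions made for illustration.

```python
import os
import secrets

# Allowlist (assumed for this example): extension -> leading bytes
# ("magic number") the uploaded content must start with.
ALLOWED = {
    ".png": (b"\x89PNG\r\n\x1a\n",),
    ".jpg": (b"\xff\xd8\xff",),
    ".jpeg": (b"\xff\xd8\xff",),
    ".gif": (b"GIF87a", b"GIF89a"),
}


class UploadRejected(Exception):
    """Raised when an upload fails any of the checks."""


def validate_upload(filename, data, user_authenticated):
    """Return a safe server-side name for the upload, or raise UploadRejected."""
    # Fix 2: only authenticated users may use the feature.
    if not user_authenticated:
        raise UploadRejected("login required")
    # Drop any client-supplied directory part (both separator styles).
    base = os.path.basename(filename.replace("\\", "/"))
    if "\x00" in base:
        raise UploadRejected("NUL byte in file name")
    # Fix 1: only the final extension counts, so "photo.png.php" is
    # judged as .php and rejected.
    ext = os.path.splitext(base)[1].lower()
    if ext not in ALLOWED:
        raise UploadRejected("extension not allowed: %r" % ext)
    # Fix 3: the content must really be of the type the extension claims.
    if not data.startswith(ALLOWED[ext]):
        raise UploadRejected("content does not match " + ext)
    # Store under a random name so the client never controls the path.
    return secrets.token_hex(16) + ext


if __name__ == "__main__":
    # Constructed sample inputs: a PNG header and a script renamed to .png.
    samples = [("avatar.PNG", b"\x89PNG\r\n\x1a\n" + b"\x00" * 16),
               ("avatar.png", b"<?php echo 1; ?>")]
    for name, body in samples:
        try:
            print(name, "->", validate_upload(name, body, True))
        except UploadRejected as err:
            print(name, "-> rejected:", err)
```

A magic-number check only confirms the file header, so the accepted file should also be stored outside any directory from which the server executes or includes code.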