Java Unrestricted File Upload Spring
Description
Detects unrestricted file upload vulnerabilities in Java Spring web applications. When file uploads are not properly validated, attackers can upload malicious files like web shells or oversized files, potentially leading to remote code execution or denial of service attacks.
Detection Strategy
• Check if the Spring Web framework is imported in the application code (org.springframework.web)
• Look for file upload operations in Spring controllers or endpoints
• Analyze if the file upload code lacks proper file type validation, size restrictions, or content verification
• Flag upload operations that accept files without implementing security controls like file extension checks or content type validation
Vulnerable code example

```java
import java.io.IOException;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;
import org.springframework.web.multipart.MultipartFile;

@RestController
public class UnsafeFileUploadController {
    @PostMapping("/upload")
    public void handleFileUpload(@RequestParam("file") MultipartFile file) throws IOException {
        // VULNERABLE: Using unsanitized user-provided filename directly
        String fileName = file.getOriginalFilename();
        // ...
```

✅ Secure code example
```java
import java.util.Set;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;
import org.springframework.web.multipart.MultipartFile;

@RestController
public class SafeFileUploadController {
    private static final String UPLOAD_DIR = "./uploads";
    private static final Set<String> ALLOWED_EXTENSIONS = Set.of("jpg", "png", "pdf");

    @PostMapping("/upload")
    public ResponseEntity<String> handleFileUpload(@RequestParam("file") MultipartFile file) {
        try {
            // ...
```