Reggie Unrestricted File Upload Vulnerability

A critical vulnerability in Reggie version 1.0 allows for unrestricted file uploads. The issue arises in the upload function of the CommonController.java file, where only front-end validation of file extensions is performed. This flaw enables attackers to upload any type of file, potentially leading to further exploitation. The vulnerability can be exploited remotely, and details of the exploit have been made public.

Impact

Exploitation of this vulnerability allows for unrestricted file uploads, which could be used to upload malicious files such as web shells or other executable content, depending on the server's file handling and execution policies.

Reproduction

To reproduce this vulnerability, send a POST request to the '/common/upload' endpoint. The request must include a file in the multipart/form-data format. Bypass any front-end file type restrictions by uploading a file with a potentially harmful payload, such as a JSP file containing executable code.