Zhuimengshaonian Wisdom-Education Unrestricted File Upload Vulnerability

A vulnerability allowing arbitrary file uploads has been identified in Zhuimengshaonian Wisdom-Education versions through 1.0.4. The issue arises in the 'uploadFile' function within 'UploadController.java', where the handling of the 'File' argument lacks proper validation, enabling unrestricted file uploads. This vulnerability can be exploited remotely, and a public proof-of-concept exploit is available.

Impact

Exploitation of this vulnerability allows for unrestricted file uploads, which could lead to the upload of malicious files that are processed within the application's environment. This could potentially be exploited to execute arbitrary code or cause other harmful effects, depending on the nature of the uploaded file.

Reproduction

To reproduce this vulnerability, send a POST request to the '/api/upload/2' endpoint with 'multipart/form-data' content. Include a file in the request, such as a JSP file disguised as an image, which will be uploaded to the server without any restrictions.