Verysync 微力同步 Unrestricted File Upload Vulnerability in Web Administration Module
Vulnerability
A vulnerability allowing arbitrary file uploads has been identified in Verysync 微力同步 versions through 2.21.3. This issue arises in the Web Administration Module, specifically within a function that handles file uploads via a REST API endpoint. The vulnerability is due to the absence of proper authentication, enabling remote attackers to upload files without restriction. Exploitation of this flaw could lead to the execution of uploaded files or other malicious actions, depending on the nature of the uploaded content.
Impact
Successful exploitation allows for unrestricted file uploads, which could be used to upload malicious files that are executed or processed by the application.
Reproduction
The vulnerability can be reproduced by sending a POST request to the vulnerable API endpoint '/rest/f/api/resources/f96956469e7be39d/tmp/text.txt?override=false' without any authentication. The request must include a file in the body, which will be uploaded to the server.
Remediation
It is recommended to enforce proper authentication and access controls on the upload endpoint in the Web Administration Module, restrict file uploads to trusted IPs, and monitor upload activity (in particular unauthenticated POST requests to the REST API and uploads that set override=true) for any unusual behavior.
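The monitoring recommendation above, as an added example that is not part of the original advisory or of Verysync itself: it scans access-log lines for successful POST uploads to the REST resources path that carry no authenticated user. It assumes the server (or a reverse proxy in front of it) writes combined-format logs in which the remote-user field is "-" for unauthenticated requests; the log lines below are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample access-log lines (combined log format); not real traffic.
SAMPLE_LOG = """\
203.0.113.7 - - [10/May/2024:12:00:01 +0000] "POST /rest/f/api/resources/f96956469e7be39d/tmp/text.txt?override=false HTTP/1.1" 200 17 "-" "curl/8.0"
203.0.113.7 - - [10/May/2024:12:00:05 +0000] "POST /rest/f/api/resources/f96956469e7be39d/tmp/notes.txt?override=true HTTP/1.1" 200 17 "-" "curl/8.0"
198.51.100.2 - admin [10/May/2024:12:01:00 +0000] "POST /rest/f/api/resources/f96956469e7be39d/docs/report.pdf?override=false HTTP/1.1" 200 3410 "-" "Mozilla/5.0"
198.51.100.2 - admin [10/May/2024:12:01:30 +0000] "GET /rest/f/api/resources/f96956469e7be39d/ HTTP/1.1" 200 512 "-" "Mozilla/5.0"
203.0.113.9 - - [10/May/2024:12:02:00 +0000] "POST /rest/f/api/resources/f96956469e7be39d/tmp/x.txt?override=false HTTP/1.1" 401 0 "-" "python-requests/2.31"
"""

# Combined log format: ip ident user [timestamp] "METHOD target PROTO" status size ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) \S+'
)

# Upload endpoint prefix named in the advisory (assumed to be the only upload path).
UPLOAD_PREFIX = "/rest/f/api/resources/"


def find_unauthenticated_uploads(log_text):
    """Return successful POST uploads to the resources API made without an authenticated user."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m or m["method"] != "POST":
            continue
        url = urlsplit(m["target"])
        if not url.path.startswith(UPLOAD_PREFIX):
            continue
        status = int(m["status"])
        # Skip requests that were authenticated or that the server rejected.
        if m["user"] != "-" or not 200 <= status < 300:
            continue
        # override=true means an existing file may have been overwritten.
        override = parse_qs(url.query).get("override", ["false"])[0].lower() == "true"
        hits.append({"ip": m["ip"], "ts": m["ts"], "path": url.path, "override": override})
    return hits


if __name__ == "__main__":
    for hit in find_unauthenticated_uploads(SAMPLE_LOG):
        print(f"{hit['ts']} {hit['ip']} uploaded {hit['path']} override={hit['override']}")
```

Run it against real access logs by replacing SAMPLE_LOG with the file contents; after the patch is applied, any remaining hit indicates the authentication control is not taking effect.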