by-night SMS Arbitrary File Upload Vulnerability
Vulnerability
A vulnerability allowing arbitrary file uploads has been identified in by-night SMS version 1.0. The issue arises in the '/api/sms/upload/headImg' endpoint, where the application fails to properly validate the type of uploaded files. This lack of validation allows users to upload files of any size and type, including potentially malicious ones. The vulnerability is rooted in the 'upload' method of the 'com.zjh.sms.controller.Upload' class, which directly extracts the file extension without verifying the actual file content.
Impact
Exploitation of this vulnerability could lead to unauthorized file uploads, potentially allowing for the execution of uploaded files if the application improperly handles them.
Reproduction
To reproduce this vulnerability, send a POST request to the '/api/sms/upload/headImg' endpoint. Include a file in the request that bypasses typical file type restrictions, such as an executable file disguised as an image. The server will respond with the uploaded file's name, indicating a successful upload.
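The missing check can be sketched as follows. This is an added example, not code from by-night SMS: the class name 'HeadImgValidator', the 2 MiB limit and the allowed image types are assumptions. It caps the size, derives the extension from the file's leading bytes instead of the submitted name, and generates the stored name on the server.

```java
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.nio.charset.StandardCharsets;
import java.util.Arrays;
import java.util.UUID;

// Added example: content-based validation for an avatar upload (hypothetical class, not project code).
public class HeadImgValidator {
    static final int MAX_BYTES = 2 * 1024 * 1024; // assumed size limit for an avatar
    static final byte[] PNG = {(byte) 0x89, 'P', 'N', 'G', 0x0D, 0x0A, 0x1A, 0x0A};
    static final byte[] JPEG = {(byte) 0xFF, (byte) 0xD8, (byte) 0xFF};
    static final byte[] GIF = {'G', 'I', 'F', '8'};

    // Returns the extension implied by the leading bytes, or null if the content is not an allowed image.
    static String sniff(byte[] head) {
        if (startsWith(head, PNG)) return "png";
        if (startsWith(head, JPEG)) return "jpg";
        if (startsWith(head, GIF)) return "gif";
        return null;
    }

    static boolean startsWith(byte[] data, byte[] magic) {
        return data.length >= magic.length
                && Arrays.equals(Arrays.copyOf(data, magic.length), magic);
    }

    // Reads at most MAX_BYTES + 1 bytes, rejects oversize or non-image content,
    // and returns a server-generated name; the client's filename is never used.
    static String storedName(InputStream upload) throws IOException {
        byte[] body = upload.readNBytes(MAX_BYTES + 1);
        if (body.length > MAX_BYTES) throw new IOException("file too large");
        String ext = sniff(body);
        if (ext == null) throw new IOException("content is not PNG, JPEG or GIF");
        return UUID.randomUUID() + "." + ext;
    }

    public static void main(String[] args) throws IOException {
        // Constructed samples: a PNG header, and plain text that a client could name "avatar.png".
        byte[] png = {(byte) 0x89, 'P', 'N', 'G', 0x0D, 0x0A, 0x1A, 0x0A, 0, 0, 0, 0x0D};
        byte[] text = "plain text, not an image".getBytes(StandardCharsets.US_ASCII);
        System.out.println("png accepted as " + storedName(new ByteArrayInputStream(png)));
        try {
            storedName(new ByteArrayInputStream(text));
        } catch (IOException e) {
            System.out.println("text rejected: " + e.getMessage());
        }
    }
}
```

A signature check only inspects the first bytes, so it should be combined with storing uploads outside any directory the server executes from and serving them with a fixed image content type.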
