Acrel Environmental Monitoring Cloud Platform Unauthorized File Upload Vulnerability

A vulnerability allowing unauthorized file uploads has been identified in Acrel Environmental Monitoring Cloud Platform version 1.1.0. This issue arises from an unknown function that permits unrestricted file uploads, potentially allowing the execution of malicious files within the application's environment. The vulnerability can be exploited remotely and does not require authentication.

Impact

Exploitation of this vulnerability could lead to unauthorized file uploads, allowing attackers to upload and potentially execute malicious files on the server.

Reproduction

The vulnerability can be reproduced by uploading a file through the application's file upload feature. The platform does not properly validate or restrict the types of files that can be uploaded, allowing harmful files to be uploaded and processed within the application's environment.