# Unrestricted Upload of File with Dangerous Type (CWE-434) The product allows the upload of files without properly validating the file type, which can lead to execution of malicious code. **Stack:** JavaScript - Prevalence: 높음 자주 악용됨 - Impact: 높음 3개의 높은 심각도 규칙 - Prevention: 문서화됨 3개의 수정 예시 **OWASP:** Broken Access Control (A01:2021-Broken Access Control) - #1 ## Description When users can upload files without restriction, attackers may upload executable files, scripts, or other dangerous content that can be executed by the server or other users. ## Prevention 1개의 Shoulder 탐지 규칙을 기반으로 한 Unrestricted File Upload 예방 전략. ### JavaScript Add fileFilter to multer to validate uploaded file types ## Warning Signs - [HIGH] Multer middleware at ... lacks fileFilter validation - [HIGH] multer file upload middleware used without proper fileFilter validation ## Consequences - 승인되지 않은 코드 실행 - 애플리케이션 데이터 읽기 - 애플리케이션 데이터 수정 ## Mitigations - 파일 유형은 확장자만이 아니라 서버에서 검증하세요 - 업로드된 파일은 웹 루트 외부에 저장하세요 - 허용되는 파일 유형에 대해 허용 목록을 사용하세요 - 업로드된 파일은 실행을 방지하기 위해 이름을 바꾸세요 ## Detection - Total rules: 3 - Languages: go, javascript, typescript, python ## Rules by Language ### Javascript (1 rules) - **Unrestricted File Upload** [HIGH]: Detects multer file upload middleware used without proper fileFilter validation. Without fileFilter, attackers can upload any file type including executables, web shells, and other malicious files. - Remediation: Add fileFilter to validate uploaded file types: const upload = multer({ fileFilter: (req, file, cb) => { const allowed = ['image/jpeg', 'image/png']; if (allowed.includes(file.mimetype)) { cb(null, true); } else { cb(new Error('Invalid file type'), false); } } }); ### Typescript (1 rules) - **Unrestricted File Upload** [HIGH]: Detects multer file upload middleware used without proper fileFilter validation. Without fileFilter, attackers can upload any file type including executables, web shells, and other malicious files. - Remediation: Add fileFilter to validate uploaded file types: const upload = multer({ fileFilter: (req, file, cb) => { const allowed = ['image/jpeg', 'image/png']; if (allowed.includes(file.mimetype)) { cb(null, true); } else { cb(new Error('Invalid file type'), false); } } });