Vol. 1 · Ed. 2026
CyberGlossary
Entry № 605

Insecure File Upload

Reviewed by Cybersecurity entrepreneur & security researcher

What is Insecure File Upload?

Insecure File Upload: A web vulnerability where an application accepts user-supplied files without proper validation, allowing attackers to upload malicious files that lead to RCE, defacement, or data theft.


Insecure file upload occurs when a web application stores, processes, or serves uploaded files without strict server-side checks on filename, declared MIME type, content, size, and storage location. Everything the client sends in a multipart upload (the filename, its extension, and the Content-Type of the part) is attacker-controlled, so none of it can be trusted on its own. Attackers exploit weak checks to upload web shells (PHP/ASPX/JSP), polyglot files that are a valid image and a valid script at the same time, malicious Office documents, or oversized payloads that exhaust disk or memory. A filename carrying path components can also be used to write outside the intended directory. Once a script file lands in a web-accessible directory whose handler executes it, the result is remote code execution, persistence, or a pivot point into the internal network.

Defences are layered, because no single check is sufficient: allow-list extensions and MIME types (a deny-list misses alternate handler extensions such as .phtml or .phar, case variants, and double extensions like shell.php.jpg); validate magic bytes against the allow-listed type, while recognising that this does not stop polyglots; rename files server-side to a random name with a canonical extension; store them outside the web root; enforce a size limit; scan with anti-malware; and serve downloads from a separate domain with the correct Content-Type, a Content-Disposition: attachment header, and X-Content-Type-Options: nosniff so browsers neither execute nor sniff the content.
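The layered checks above, as an added example written for this entry rather than code from the original page: a Python upload gate that applies the size limit, filename sanitisation, extension and MIME allow-listing, magic-byte validation and server-side renaming, together with helpers for the storage path and the download headers. The 2 MiB limit, the /srv/uploads root, the allow-list and the sample uploads are constructed assumptions. The polyglot sample (a JPEG header followed by PHP) deliberately passes the content check, which is the point: the random rename, the storage location outside the web root and the download headers, not the content check, are what keep it from ever being executed.

```python
import os
import secrets
from dataclasses import dataclass

# Added example (not from the original page). Limits, paths and the allow-list are
# illustrative assumptions; adapt them to the application's real requirements.

MAX_BYTES = 2 * 1024 * 1024  # assumed 2 MiB limit for profile pictures

# Allow-list keyed by extension: the only declared MIME type accepted for it and the
# magic-byte prefixes the content must start with. Anything not listed is rejected.
ALLOWED = {
    "jpg":  ("image/jpeg", (b"\xff\xd8\xff",)),
    "jpeg": ("image/jpeg", (b"\xff\xd8\xff",)),
    "png":  ("image/png",  (b"\x89PNG\r\n\x1a\n",)),
    "gif":  ("image/gif",  (b"GIF87a", b"GIF89a")),
}


@dataclass
class Verdict:
    accepted: bool
    reason: str
    stored_name: str = ""  # chosen by the server; the client's name is never reused


def validate_upload(client_name: str, declared_mime: str, data: bytes) -> Verdict:
    """Decide whether an upload is stored, and under which server-chosen name."""
    if len(data) > MAX_BYTES:
        return Verdict(False, "oversized")
    if "\x00" in client_name:
        # A null byte can truncate the name in lower layers that use C strings,
        # turning "shell.php\x00.jpg" into "shell.php" on disk.
        return Verdict(False, "null byte in filename")
    # Discard any directory component the client sent ("../../var/www/html/x.jpg").
    base = os.path.basename(client_name.replace("\\", "/"))
    if "." not in base:
        return Verdict(False, "no extension")
    # Only the last extension is considered; "shell.php.jpg" is judged by its content
    # below, and the stored name carries a single allow-listed extension anyway.
    ext = base.rsplit(".", 1)[1].lower()
    if ext not in ALLOWED:
        return Verdict(False, f"extension not allowed: .{ext}")
    mime, magics = ALLOWED[ext]
    if declared_mime.lower() != mime:
        return Verdict(False, "declared MIME type does not match extension")
    if not any(data.startswith(m) for m in magics):
        return Verdict(False, "content does not match declared type")
    # Server-side rename: random name, canonical extension, nothing from the client.
    return Verdict(True, "ok", f"{secrets.token_hex(16)}.{ext}")


def storage_path(stored_name: str, upload_root: str = "/srv/uploads") -> str:
    """Resolve the on-disk location; upload_root is assumed to lie outside the web root."""
    root = os.path.abspath(upload_root)
    path = os.path.abspath(os.path.join(root, stored_name))
    if os.path.commonpath([root, path]) != root:
        raise ValueError("path escapes upload root")
    return path


def download_headers(stored_name: str) -> dict:
    """Headers for serving a stored file from the separate download domain."""
    ext = stored_name.rsplit(".", 1)[1]
    return {
        "Content-Type": ALLOWED[ext][0],
        "Content-Disposition": f'attachment; filename="{stored_name}"',
        "X-Content-Type-Options": "nosniff",
    }


# Constructed sample uploads (not real captures): (client filename, declared MIME, bytes).
JPEG = b"\xff\xd8\xff\xe0\x00\x10JFIF\x00" + b"\x00" * 32
PHP = b"<?php echo 'hello'; ?>\n"
SAMPLES = [
    ("avatar.jpg", "image/jpeg", JPEG),                      # legitimate image
    ("shell.php", "image/jpeg", PHP),                        # wrong extension
    ("shell.php.jpg", "image/jpeg", PHP),                    # double extension, PHP content
    ("shell.php\x00.jpg", "image/jpeg", JPEG),               # null-byte truncation attempt
    ("../../var/www/html/x.jpg", "image/jpeg", JPEG),        # path traversal in the name
    ("poly.jpg", "image/jpeg", JPEG + PHP),                  # polyglot: passes content check
    ("avatar.jpg", "text/html", JPEG),                       # declared MIME mismatch
    ("big.png", "image/png", b"\x89PNG\r\n\x1a\n" + b"\x00" * MAX_BYTES),  # oversized
]


def run_samples() -> list:
    """Return (client filename, Verdict) for each constructed sample."""
    return [(name, validate_upload(name, mime, data)) for name, mime, data in SAMPLES]


if __name__ == "__main__":
    for name, verdict in run_samples():
        print(f"{name!r:32} accepted={verdict.accepted!s:5} {verdict.reason} {verdict.stored_name}")
```

Note that the traversal sample is accepted: the client's path is discarded entirely and a random name is generated, so there is nothing for the `../` to act on. The polyglot is also accepted, which is why the remaining controls (storage outside the web root, a random `.jpg` name that no script handler will execute, and `attachment`/`nosniff` headers on download) are not optional.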

Examples

  1. Uploading a `shell.php` disguised as a JPEG (for example renamed to `shell.php.jpg`, or sent with an `image/jpeg` Content-Type) to a profile-picture endpoint that fails to verify the file's content.

  2. Embedding malicious macros in a Word resume accepted by an HR portal that does not inspect the document before storing or opening it.
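For the second example, an added Python check (not part of the original entry) that screens a `.docx` resume for embedded macros before an HR portal stores it. It relies on the OOXML package layout: the file is a ZIP container, a VBA project is stored as a part named `vbaProject.bin`, and macro-enabled formats declare a `macroEnabled` content type in `[Content_Types].xml`. The `make_docx` builder and the minimal documents it produces are constructed test data, not real resumes.

```python
import io
import zipfile

# Added example (not from the original page): reject Office uploads that carry VBA macros.

# Macro-enabled OOXML extensions: rejected by name before the content is even opened.
MACRO_ENABLED_EXTS = {"docm", "dotm", "xlsm", "xltm", "xlam", "pptm", "potm", "ppam"}


def ooxml_has_macros(data: bytes) -> bool:
    """True if the ZIP container carries a VBA project or declares a macro-enabled type."""
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            names = zf.namelist()
            # A .docm renamed to .docx still carries its VBA project as a part.
            if any(n.lower().endswith("vbaproject.bin") for n in names):
                return True
            if "[Content_Types].xml" in names:
                types_xml = zf.read("[Content_Types].xml")
                if b"macroEnabled" in types_xml or b"vbaProject" in types_xml:
                    return True
    except zipfile.BadZipFile:
        return True  # not an OOXML container at all: fail closed
    return False


def screen_resume(client_name: str, data: bytes) -> tuple:
    """Return (accepted, reason) for a resume upload; only macro-free .docx is accepted."""
    ext = client_name.rsplit(".", 1)[-1].lower() if "." in client_name else ""
    if ext in MACRO_ENABLED_EXTS:
        return (False, f"macro-enabled format .{ext} is not accepted")
    if ext != "docx":
        # Legacy binary .doc (OLE2) can also carry macros; it is rejected outright here
        # rather than parsed, which is the simpler policy for a new portal.
        return (False, f"extension .{ext} is not accepted")
    if ooxml_has_macros(data):
        return (False, "document contains a VBA project")
    return (True, "ok")


def make_docx(with_macros: bool, macro_enabled_ct: bool = False) -> bytes:
    """Build a minimal OOXML container in memory (constructed test data, not a real resume)."""
    main_ct = (
        "application/vnd.ms-word.document.macroEnabled.main+xml"
        if macro_enabled_ct
        else "application/vnd.openxmlformats-officedocument.wordprocessingml.document.main+xml"
    )
    content_types = (
        '<?xml version="1.0" encoding="UTF-8"?>'
        '<Types xmlns="http://schemas.openxmlformats.org/package/2006/content-types">'
        f'<Override PartName="/word/document.xml" ContentType="{main_ct}"/>'
        "</Types>"
    )
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("[Content_Types].xml", content_types)
        zf.writestr("word/document.xml", "<w:document/>")
        if with_macros:
            zf.writestr("word/vbaProject.bin", b"\xd0\xcf\x11\xe0 placeholder VBA project")
    return buf.getvalue()


if __name__ == "__main__":
    cases = [
        ("cv.docx", make_docx(with_macros=False)),
        ("cv.docx", make_docx(with_macros=True)),
        ("cv.docx", make_docx(with_macros=False, macro_enabled_ct=True)),
        ("cv.docm", make_docx(with_macros=False)),
        ("cv.doc", b"\xd0\xcf\x11\xe0"),
        ("cv.docx", b"not a zip"),
    ]
    for name, blob in cases:
        print(name, screen_resume(name, blob))
```

This structural check is cheap and catches the common case of a macro-bearing document renamed to a benign extension, but it is a complement to the anti-malware scanning the entry lists, not a replacement for it: it says nothing about exploits in the document parser itself.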

Frequently asked questions

What is Insecure File Upload?

A web vulnerability where an application accepts user-supplied files without proper validation, allowing attackers to upload malicious files that lead to RCE, defacement, or data theft. It belongs to the Attacks & Threats category of cybersecurity.

What does Insecure File Upload mean?

A web vulnerability where an application accepts user-supplied files without proper validation, allowing attackers to upload malicious files that lead to RCE, defacement, or data theft.

How do you defend against Insecure File Upload?

Defences for Insecure File Upload combine technical controls and operational practice: allow-list permitted extensions and MIME types, validate magic bytes, enforce a size limit, rename files server-side, store them outside the web root, scan them with anti-malware, and serve them from a separate domain with restrictive Content-Type and Content-Disposition headers, as detailed in the full definition above.
