CWE-434: Unrestricted Upload of File with Dangerous Type


The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.

Abstraction: Base

Common Consequences

Scope: Integrity. Impact: Execute Unauthorized Code or Commands.

Detection Methods

Dynamic Analysis with Automated Results Interpretation

According to SOAR [REF-1479], the following detection techniques may be useful:
Cost effective for partial coverage:
- Web Application Scanner
- Web Services Scanner
- Database Scanners

Dynamic Analysis with Manual Results Interpretation

According to SOAR [REF-1479], the following detection techniques may be useful:
Cost effective for partial coverage:
- Fuzz Tester
- Framework-based Fuzzer

Manual Static Analysis - Source Code

According to SOAR [REF-1479], the following detection techniques may be useful:
Highly cost effective:
- Focused Manual Spotcheck (focused manual analysis of source)
- Manual Source Code Review (not inspections)

Automated Static Analysis - Source Code

According to SOAR [REF-1479], the following detection techniques may be useful:
Highly cost effective:
- Source Code Weakness Analyzer
- Context-configured Source Code Weakness Analyzer

Architecture or Design Review

According to SOAR [REF-1479], the following detection techniques may be useful:
Highly cost effective:
- Formal Methods / Correct-By-Construction
Cost effective for partial coverage:
- Inspection (IEEE 1028 standard; can apply to requirements, design, source code, etc.)

Real-World Examples (10)

| CVE            | CVSS | EPSS  | KEV |
|----------------|------|-------|-----|
| CVE-2018-15961 | 9.8  | 94.4% | Y   |
| CVE-2018-15961 | 9.8  | 94.4% | Y   |
| CVE-2020-25213 | 10.0 | 94.4% | Y   |
| CVE-2020-25213 | 10.0 | 94.4% | Y   |
| CVE-2017-12617 | 8.1  | 94.4% | Y   |
| CVE-2017-12617 | 8.1  | 94.4% | Y   |
| CVE-2016-3088  | 9.8  | 94.3% | Y   |
| CVE-2016-3088  | 9.8  | 94.3% | Y   |
| CVE-2020-24186 | 10.0 | 94.2% |     |
| CVE-2017-12615 | 8.1  | 94.2% | Y   |
Risk Score: 25 / 100 (low-risk)
Active Threat: 23/50 · Moderate
Exploit Availability: 2/50 · Minimal