Recent searches
No recent searches
Unrestricted File Upload Vulnerability
Posted Apr 09, 2020
zendesk, allows any arbitrary file to uploaded. This highly makes application vulnerable to several type of attacks. I found that by domain/application is vulnerable because it allows all type file to be uploaded while creating a ticket. As you can see in attached image, I've uploaded firefox installer.exe.
As an impact, attacker can exploit this vulnerability in many ways to perform malicious activity. Attacker can create a ticket and upload malware(virus, worm, ransomware etc.). Later, when the ticket is handled by support person, he/she will check the ticket and open the file. This file can be installed in the system and perform many malicious activities. It can compromise the system, and/or entire network depend on the malware.
Ideally as a solution, only limited set/type of files should be allowed for upload such as jpg, png, .txt etc. Kindly let me know your feedback on this, and if this falls in your scope.
Security is not a choice any more and this should be implemented/fixed ASAP.
3
10 comments
Official
Max McCal
UPDATE: We're no longer looking for volunteers, but are still working on this solution, and expect to have something to show for it in early 2022.
Hey, all --
Dropping in to this thread to mention that we are actively working on a Malware Scanning tool in Zendesk, and we're looking for some customer eyes to come see what we're planning. If you're willing to give us 30 minutes of your time, you can sign up here for a time on my calendar. We'll show you some of our plans and ask for your opinions.
While we're not currently working on file type restrictions, that is something that we're looking into as a future release.
1
Caroline Kello
Hello,
Thanks for reaching out. Together with our Product Security team we're currently looking into what we can do for malware attachment scanning, regardless of attachment origin. Currently we only offer scanning for email attachments so you're correct that there's more we should do from a product security standpoint.
Thanks for raising this,
Caroline
0
Alfredo Roca
The file type restrictions are not working in the contact form. This should be easy to fix.
0
George Manning
Hi there. Any update on this security issue? This was flagged as a security issue during a recent audit.
0
George Manning
PS: I believe there is a typo in the original post.
Original: I found that by domain/application...
Likely intent: I found that my domain/application...
0
Phil Baker
Hi,
Will this solution apply to uploads to Gather (community) posts?
Thanks,
Phil
0
Ben Steele
Max McCal - Hi, is there any update on this? Like many above and in separate posts, this has been flagged as a concern through a security audit.
0
Chika Chima
Hi! Ben Steele
Thank you for your question and concerns!
We are working to rollout the Malware Scanning feature towards the beginning of June 2022. There will be more information here on the help center soon.
-1
Phil Baker
Hi Chika Chima
Will this rollout allow uploads to Gather (community) posts?
Thanks,
Phil
0
Chika Chima
Hi Phil,
Unfortunately it is not on this first release. For future releases, we are looking into more integrations of products
-1