Improper Access Control in liukuo362573/yishaadmin
Feb 8th 2022
https://www.github.com/liukuo362573/yishaadmin has an endpoint "/admin/File/DeleteFile" that allows deleting files without authentication.
The server does not check the caller's identity or permissions when the endpoint is requested; it passes the attacker-supplied parameters straight to the delete routine. Those parameters are also not validated or filtered inside the DeleteFile function (https://github.com/liukuo362573/YiShaAdmin/blob/master/YiSha.Util/YiSha.Util/FileHelper.cs#L140), so the request author controls which path is deleted. Two distinct controls are missing here: an authorization check on the endpoint, and a check that the supplied path stays inside the directory the endpoint is meant to manage.
An unauthenticated user can delete files on the server, and because the path parameter is not filtered, the deletion is not confined to an intended upload directory.
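To make the two missing controls concrete, the following is an added example of how a DeleteFile-style handler should behave. It is illustrative code written for this report, not code from YiShaAdmin; the names (Principal, Forbidden, resolve_inside, delete_file, the "file:delete" permission) and the temporary upload tree it builds are assumptions. It requires an authenticated caller holding the delete permission, and it resolves the client-supplied path and refuses anything that escapes the upload root, which is the check that stops "../" traversal.

```python
"""Illustrative authenticated, path-confined file delete handler.
Added example, not YiShaAdmin code; all names below are hypothetical."""
import tempfile
from dataclasses import dataclass, field
from pathlib import Path
from typing import Optional


@dataclass
class Principal:
    """The caller as established by the session layer, never from request
    parameters. An unauthenticated request has no Principal at all."""
    name: str
    permissions: frozenset = field(default_factory=frozenset)


class Forbidden(Exception):
    """Raised when the caller is anonymous or lacks the required permission."""


def resolve_inside(root: Path, requested: str) -> Path:
    """Map a client-supplied relative path to an absolute path guaranteed to
    live under root. Resolves '..' and symlinks first, then checks containment.
    Raises ValueError if the result would escape root."""
    root = root.resolve()
    # Strip leading separators so an absolute input cannot replace root.
    candidate = (root / requested.lstrip("/\\")).resolve()
    try:
        candidate.relative_to(root)
    except ValueError:
        raise ValueError(f"path escapes upload root: {requested!r}") from None
    return candidate


def delete_file(root: Path, requested: str, principal: Optional[Principal]) -> bool:
    """Handler body for a DeleteFile-style endpoint.
    1. Authorization: caller must be authenticated and hold 'file:delete'.
    2. Confinement: the target must resolve inside root.
    3. Only regular files are removed.
    Returns True if a file was deleted, False if it did not exist."""
    if principal is None or "file:delete" not in principal.permissions:
        raise Forbidden("caller may not delete files")
    target = resolve_inside(root, requested)
    if not target.is_file():
        return False
    target.unlink()
    return True


def demo() -> dict:
    """Constructed scenario: an upload root holding one file, a config file
    outside it, an anonymous caller and an authorized administrator."""
    base = Path(tempfile.mkdtemp())
    root = base / "uploads"
    root.mkdir()
    (root / "report.pdf").write_text("upload")
    (base / "appsettings.json").write_text("secret")

    results = {}
    anon = None
    admin = Principal("admin", frozenset({"file:delete"}))

    # Anonymous request is rejected before any path is touched.
    try:
        delete_file(root, "report.pdf", anon)
    except Forbidden:
        results["anonymous_blocked"] = True

    # Even an authorized caller cannot reach outside the upload root.
    try:
        delete_file(root, "../appsettings.json", admin)
    except ValueError:
        results["traversal_blocked"] = True

    results["secret_survives"] = (base / "appsettings.json").exists()
    # The legitimate case still works.
    results["legit_deleted"] = delete_file(root, "report.pdf", admin)
    results["file_gone"] = not (root / "report.pdf").exists()
    return results


if __name__ == "__main__":
    print(demo())
```

The containment test is done on the fully resolved path rather than by string-matching for "..", so encoded or symlinked variants of a traversal are caught the same way; the authorization decision is taken from the session-derived principal, not from anything in the request body.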