Listen to this Post
The vulnerability resides in Active Storage’s DirectUploadsController, which accepts a JSON `metadata` hash directly from the client during direct upload initiation. Internally, Active Storage stores critical state flags such as `identified` (whether the blob’s content type has been identified) and `analyzed` (whether video/audio analysis occurred) inside the same metadata hash. By crafting a direct‑upload request that includes these reserved keys, an attacker can set them to `true` before the server processes the upload. When the blob is later saved, Active Storage skips the normal content‑type identification and analysis steps because it sees these flags already set. This allows a malicious client to upload a file with a misleading content type (e.g., a JavaScript file disguised as a PNG) and have it accepted as the claimed type, bypassing server‑side verification. The attack requires only the ability to perform a direct upload, which is commonly exposed in applications using Active Storage with direct uploads enabled. The vulnerability affects all Rails versions in the 7.2.x, 8.0.x, and 8.1.x series prior to the patched releases, where the server now rejects any client‑supplied metadata keys that match internal reserved flags.
Platform: Rails Active Storage
Version: <7.2.3.1, <8.0.4.1, <8.1.2.1
Vulnerability : Metadata flag injection
Severity: Moderate
date: Mar 23, 2026
Prediction: Mar 23, 2026
What Undercode Say:
Check Rails version bundle exec rails about | grep "Rails version" Check Active Storage direct uploads configuration grep -r "direct_uploads" config/routes.rb config/initializers/ Verify blob metadata filtering patch git show 6f7b2c1 | grep "def create"
Exploit:
Send a crafted JSON payload to `/rails/active_storage/direct_uploads`:
{
"blob": {
"filename": "evil.js",
"content_type": "image/png",
"metadata": {
"identified": true,
"analyzed": true,
"custom": "anything"
}
}
}
The server stores the blob with identified=true, bypassing content‑type validation.
Protection from this CVE
Upgrade to Rails 7.2.3.1, 8.0.4.1, or 8.1.2.1 immediately. If upgrading is impossible, override `DirectUploadsControllercreate` to strip reserved metadata keys before blob creation.
Impact
Attackers can upload arbitrary files (e.g., XSS payloads, malicious scripts) with spoofed content types, leading to cross‑site scripting, server‑side execution, or storage of unexpected file types that may be served as trusted resources.
🎯Let’s Practice Exploiting & Learn Patching For Free:
Sources:
Reported By: github.com
Extra Source Hub:
Undercode

