1

A pretty basic API initialized with Spring Boot + Tomcat which serves multiple (4) endpoints. This API is exposed to the public and receives requests on those endpoints only.

None of those are for file uploading. We are monitoring the API and noticed the following message: "Creating the temporary upload location [C:\Users[user]\AppData\Local\Temp\tomcat.443.338388046123984973\work\Tomcat\localhost\ROOT] as it is required by the servlet [dispatcherServlet]". I was wondering if someone tried to upload a file as an exploit, because we noticed some exploit attempts before (log4j, random requests to other non-existing endpoints, etc.).

Should I be worried? How can I disable it?

gaxelac
  • Does this answer your question? [Disable spring boot multipart upload by controller](https://stackoverflow.com/questions/38133381/disable-spring-boot-multipart-upload-by-controller) – pringi Mar 25 '22 at 14:37
  • I have disabled the property just in case. I cannot replicate the attack as I don't know how it was done. I was wondering if someone who knows about Catalina has more information about it. – gaxelac Mar 25 '22 at 14:50

1 Answer

0

You can disable multipart/form with the following Spring property:

```properties
spring.servlet.multipart.enabled = false
```

jfk
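
To see which requests carried a multipart body around the time of the message, the access log can be scanned for `multipart/*` Content-Type headers. This is an added example, not code from the question or the answer; it assumes the Tomcat access log is enabled with the pattern shown in the comment, and the sample lines, addresses and paths are constructed.

```python
import re

# Assumed access-log pattern (e.g. set through server.tomcat.accesslog.pattern):
#   %h %t "%r" %s %b "%{Content-Type}i"
LINE_RE = re.compile(
    r'^(?P<host>\S+) \[(?P<time>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+)(?: (?P<proto>[^"]*))?" '
    r'(?P<status>\d{3}) (?P<size>\S+) "(?P<ctype>.*)"$'
)


def find_multipart_requests(lines):
    """Return parsed entries whose Content-Type header is multipart/*."""
    hits = []
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # line does not follow the assumed pattern
        # Media types are case-insensitive; parameters follow the first ';'.
        media_type = m["ctype"].split(";", 1)[0].strip().lower()
        if media_type.startswith("multipart/"):
            hits.append(
                {k: m[k] for k in ("host", "time", "method", "path", "status")}
            )
    return hits


# Constructed sample lines: documentation addresses, hypothetical endpoints.
SAMPLE = [
    '203.0.113.7 [25/Mar/2022:14:01:12 +0000] '
    '"GET /api/items HTTP/1.1" 200 512 "-"',
    '198.51.100.23 [25/Mar/2022:14:02:40 +0000] '
    '"POST /api/items HTTP/1.1" 200 87 "application/json"',
    '198.51.100.99 [25/Mar/2022:14:03:05 +0000] '
    '"POST /api/items HTTP/1.1" 415 0 "Multipart/Form-Data; boundary=----x"',
    '198.51.100.99 [25/Mar/2022:14:03:06 +0000] '
    '"POST /does-not-exist HTTP/1.1" 404 0 "multipart/form-data; boundary=----x"',
]

if __name__ == "__main__":
    for hit in find_multipart_requests(SAMPLE):
        print(hit["time"], hit["host"], hit["method"], hit["path"], hit["status"])
```

Entries whose timestamps line up with the "Creating the temporary upload location" message are the requests to inspect first.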