ImageMagick 7.1.0-49 – Arbitrary File Read

• Exploit Database
• 129 阅读

• 作者： Cristian Giustini
  日期： 2023-04-05
• 类别：

  • local
  平台：

  • multiple
• 来源：https://www.exploit-db.com/exploits/51261/
• 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15

  # Exploit Title: ImageMagick7.1.0-49 - Arbitrary File Read # Google Dork: N/A # Date: 06/02/2023 # Exploit Author: Cristian &apos;void&apos; Giustini # Vendor Homepage: https://imagemagick.org/ # Software Link: https://imagemagick.org/ # Version: <= 7.1.0-49 # Tested on: 7.1.0-49 and 6.9.11-60 # CVE : CVE-2022-44268 (CVE Owner: Metabase Q Team https://www.metabaseq.com/imagemagick-zero-days/) # Exploit pre-requirements: Rust     # PoC : https://github.com/voidz0r/CVE-2022-44268