mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-06 10:41:43 +00:00
66 lines
3.2 KiB
Markdown
66 lines
3.2 KiB
Markdown
|
### [CVE-2022-44268](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44268)
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
### Description
|
||
|
|
|
||
|
|
ImageMagick 7.1.0-49 is vulnerable to Information Disclosure. When it parses a PNG image (e.g., for resize), the resulting image could have embedded the content of an arbitrary. file (if the magick binary has permissions to read it).
|
||
|
|
|
||
|
|
### POC
|
||
|
|
|
||
|
|
#### Reference
|
||
|
|
- http://packetstormsecurity.com/files/171727/ImageMagick-7.1.0-48-Arbitrary-File-Read.html
|
||
|
|
- https://www.metabaseq.com/imagemagick-zero-days/
|
||
|
|
|
||
|
|
#### Github
|
||
|
|
- https://github.com/ARPSyndicate/cvemon
|
||
|
|
- https://github.com/Aledangelo/Pilgrimage_Writeup
|
||
|
|
- https://github.com/Ashifcoder/CVE-2022-44268-automated-poc
|
||
|
|
- https://github.com/Baikuya/CVE-2022-44268-PoC
|
||
|
|
- https://github.com/BhattJayD/PilgrimageCtfExploit
|
||
|
|
- https://github.com/CygnusX-26/CVE-2022-44268-fixed-PoC
|
||
|
|
- https://github.com/Loginsoft-LLC/Linux-Exploit-Detection
|
||
|
|
- https://github.com/Loginsoft-Research/Linux-Exploit-Detection
|
||
|
|
- https://github.com/MattiaCossu/Pilgrimage-HackTheBox-CTF
|
||
|
|
- https://github.com/NataliSemi/-CVE-2022-44268
|
||
|
|
- https://github.com/Pog-Frog/cve-2022-44268
|
||
|
|
- https://github.com/Sybil-Scan/imagemagick-lfi-poc
|
||
|
|
- https://github.com/Threekiii/Awesome-POC
|
||
|
|
- https://github.com/Threekiii/Vulhub-Reproduce
|
||
|
|
- https://github.com/Vagebondcur/IMAGE-MAGICK-CVE-2022-44268
|
||
|
|
- https://github.com/Vulnmachines/imagemagick-CVE-2022-44268
|
||
|
|
- https://github.com/Yang8miao/prov_navigator
|
||
|
|
- https://github.com/adhikara13/CVE-2022-44268-MagiLeak
|
||
|
|
- https://github.com/agathanon/cve-2022-44268
|
||
|
|
- https://github.com/aneasystone/github-trending
|
||
|
|
- https://github.com/atici/Exploit-for-ImageMagick-CVE-2022-44268
|
||
|
|
- https://github.com/backglass/readermagick
|
||
|
|
- https://github.com/bakery312/Vulhub-Reproduce
|
||
|
|
- https://github.com/betillogalvanfbc/POC-CVE-2022-44268
|
||
|
|
- https://github.com/bhavikmalhotra/CVE-2022-44268-Exploit
|
||
|
|
- https://github.com/chairat095/CVE-2022-44268_By_Kyokito
|
||
|
|
- https://github.com/dai5z/LBAS
|
||
|
|
- https://github.com/daniellemonika/CSCE-5552-Prying-Eyes
|
||
|
|
- https://github.com/doyensec/imagemagick-security-policy-evaluator
|
||
|
|
- https://github.com/duc-nt/CVE-2022-44268-ImageMagick-Arbitrary-File-Read-PoC
|
||
|
|
- https://github.com/entr0pie/CVE-2022-44268
|
||
|
|
- https://github.com/fanbyprinciple/ImageMagick-lfi-poc
|
||
|
|
- https://github.com/jnschaeffer/cve-2022-44268-detector
|
||
|
|
- https://github.com/k0mi-tg/CVE-POC
|
||
|
|
- https://github.com/kljunowsky/CVE-2022-44268
|
||
|
|
- https://github.com/linuskoester/writeups
|
||
|
|
- https://github.com/manas3c/CVE-POC
|
||
|
|
- https://github.com/narekkay/auto-cve-2022-44268.sh
|
||
|
|
- https://github.com/nfm/heroku-CVE-2022-44268-reproduction
|
||
|
|
- https://github.com/nomi-sec/PoC-in-GitHub
|
||
|
|
- https://github.com/petitfleur/prov_navigator
|
||
|
|
- https://github.com/provnavigator/prov_navigator
|
||
|
|
- https://github.com/tanjiti/sec_profile
|
||
|
|
- https://github.com/voidz0r/CVE-2022-44268
|
||
|
|
- https://github.com/whoforget/CVE-POC
|
||
|
|
- https://github.com/xchopath/file-upload-attack
|
||
|
|
- https://github.com/y1nglamore/CVE-2022-44268-ImageMagick-Vulnerable-Docker-Environment
|
||
|
|
- https://github.com/youwizard/CVE-POC
|
||
|
|
|