CVE-2021-22204


CVSS 6.8 MEDIUM · EPSS 100.0% · KEV · CWE-94
In short

ExifTool can be tricked into running harmful code when reading a specially crafted DjVu image file. An attacker can exploit this by sending a malicious image that executes arbitrary commands on the affected system.

Technical detail

ExifTool versions 7.44 and later fail to properly neutralize untrusted input when parsing DjVu file metadata, allowing injection of arbitrary code through crafted image files. The attack vector is local or remote file parsing with no user interaction required; successful exploitation leads to arbitrary code execution in the context of the ExifTool process.

Summary generated and translated by AI from the official description.

Official description: Improper neutralization of user data in the DjVu file format in ExifTool versions 7.44 and up allows arbitrary code execution when parsing the malicious image.
CVSS vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
Affected products
ExifTool · ExifTool