CVE-2022-44268
ImageMagick 7.1.0-49 is vulnerable to Information Disclosure. When it parses a PNG image (e.g., for resize), the resulting image could have embedded the content of an arbitrary file (if the magick binary has permissions to read it).
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Affected products
n/a · n/a
Public PoCs found: 31
github: github.com/duc-nt/CVE-2022-44268-ImageMagick-Arbitrary-File-Read-PoC ★ 275
github: github.com/voidz0r/CVE-2022-44268 ★ 217
github: github.com/Sybil-Scan/imagemagick-lfi-poc ★ 52
github: github.com/kljunowsky/CVE-2022-44268 ★ 27
github: github.com/entr0pie/CVE-2022-44268 ★ 13
github: github.com/y1nglamore/CVE-2022-44268-ImageMagick-Vulnerable-Docker-Environment ★ 10
github: github.com/Vulnmachines/imagemagick-CVE-2022-44268 ★ 8
github: github.com/jnschaeffer/cve-2022-44268-detector ★ 5
github: github.com/agathanon/cve-2022-44268 ★ 4
github: github.com/adhikara13/CVE-2022-44268-MagiLeak ★ 2
github: github.com/chairat095/CVE-2022-44268_By_Kyokito ★ 2
github: github.com/Baikuya/CVE-2022-44268-PoC ★ 2
github: github.com/narekkay/auto-cve-2022-44268.sh ★ 2
github: github.com/betillogalvanfbc/POC-CVE-2022-44268 ★ 1
github: github.com/fanbyprinciple/ImageMagick-lfi-poc ★ 1
github: github.com/bhavikmalhotra/CVE-2022-44268-Exploit ★ 1
github: github.com/mouftan/CVE-2022-44268 ★ 0
github: github.com/Ashifcoder/CVE-2022-44268-automated-poc ★ 0
github: github.com/nfm/heroku-CVE-2022-44268-reproduction ★ 0
github: github.com/Pog-Frog/cve-2022-44268 ★ 0
github: github.com/atici/Exploit-for-ImageMagick-CVE-2022-44268 ★ 0
github: github.com/Vagebondcur/IMAGE-MAGICK-CVE-2022-44268 ★ 0
github: github.com/NataliSemi/-CVE-2022-44268 ★ 0
github: github.com/CygnusX-26/CVE-2022-44268-fixed-PoC ★ 0
github: github.com/FlojBoj/CVE-2022-44268 ★ 0
github: github.com/katseyres2/CVE-2022-44268-pilgrimage ★ 0
github: github.com/J0ey17/Automate_Exploit_CVE-2022-44268 ★ 0
github: github.com/jkobierczynski/cve-2022-44268 ★ 0
github: github.com/k-javaman12/CVE-2022-44268- ★ 0
exploitdb: www.exploit-db.com/exploits/51261 (unverified)
cve_reference: packetstormsecurity.com/files/171727/ImageMagick-7.1.0-48-Arbitrary-File-Read.html (unverified)
⚠ Public resources, for you to assess the exposure of systems you control or are authorized to test. Test only with authorization.
References
http://packetstormsecurity.com/files/171727/ImageMagick-7.1.0-48-Arbitrary-File-Read.html
https://imagemagick.org/
https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AINSUL2QBKETGYRPA7XSCMJWLUB44M6S/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZZLLS37P67CMBRML6OCG42GPCKGRCJNV/
https://www.debian.org/security/2023/dsa-5347
https://www.metabaseq.com/imagemagick-zero-days/