Entreprise d'experts en Sécurité Informatique : Audits et conseils en cybersécurité
Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com


CVE-2020-29007

Description

The Score extension through 0.3.0 for MediaWiki has a remote code execution vulnerability due to improper sandboxing of the GNU LilyPond executable. This allows any user with an ability to edit articles (potentially including unauthenticated anonymous users) to execute arbitrary Scheme or shell code by using crafted {{Image data to generate musical scores containing malicious code.

POC

Reference

- https://github.com/seqred-s-a/cve-2020-29007

Github

- https://github.com/ARPSyndicate/cvemon

- https://github.com/RIvance/PKU_GeekGame_2022_Writeup_Unofficial

- https://github.com/developer3000S/PoC-in-GitHub

- https://github.com/hangone/GeekGame-2022-WriteUp

- https://github.com/hectorgie/PoC-in-GitHub

- https://github.com/mariodon/GeekGame-2nd-Writeup

- https://github.com/mbiel92/Hugo-MB

- https://github.com/mmiszczyk/lilypond-scheme-hacking

- https://github.com/seqred-s-a/cve-2020-29007