IT security experts: cybersecurity audits and consulting
French cybersecurity company since 2004
☎ 03 60 47 09 81 - info@securiteinfo.com


CVE-2022-44268

Description

ImageMagick 7.1.0-49 is vulnerable to Information Disclosure. When it parses a PNG image (e.g., for resize), the resulting image could have embedded the content of an arbitrary file (if the magick binary has permissions to read it).

POC

Reference

- http://packetstormsecurity.com/files/171727/ImageMagick-7.1.0-48-Arbitrary-File-Read.html

- https://www.metabaseq.com/imagemagick-zero-days/

Github

- https://github.com/4n86rakam1/notes

- https://github.com/ARPSyndicate/cvemon

- https://github.com/Aledangelo/Pilgrimage_Writeup

- https://github.com/Ashifcoder/CVE-2022-44268-automated-poc

- https://github.com/Baikuya/CVE-2022-44268-PoC

- https://github.com/BhattJayD/PilgrimageCtfExploit

- https://github.com/CVEDB/awesome-cve-repo

- https://github.com/CVEDB/top

- https://github.com/CygnusX-26/CVE-2022-44268-fixed-PoC

- https://github.com/FlojBoj/CVE-2022-44268

- https://github.com/GhostTroops/TOP

- https://github.com/HackrHub1/Hacker1-Report

- https://github.com/J0ey17/Automate_Exploit_CVE-2022-44268

- https://github.com/J1ezds/Vulnerability-Wiki-page

- https://github.com/LGenAgul/ImageMagick-7.1.0.-49-exploit

- https://github.com/Loginsoft-LLC/Linux-Exploit-Detection

- https://github.com/Loginsoft-Research/Linux-Exploit-Detection

- https://github.com/MattiaCossu/Pilgrimage-HackTheBox-CTF

- https://github.com/NataliSemi/-CVE-2022-44268

- https://github.com/PanAdamski/CVE-2022-44268-automated

- https://github.com/Pog-Frog/cve-2022-44268

- https://github.com/PuddinCat/GithubRepoSpider

- https://github.com/R0drx69/eJPTv2-Prep-CTFs

- https://github.com/Sybil-Scan/imagemagick-lfi-poc

- https://github.com/Threekiii/Awesome-POC

- https://github.com/Threekiii/Vulhub-Reproduce

- https://github.com/Vagebondcur/IMAGE-MAGICK-CVE-2022-44268

- https://github.com/Vulnmachines/imagemagick-CVE-2022-44268

- https://github.com/XiaomingX/awesome-poc-for-red-team

- https://github.com/Yang8miao/prov_navigator

- https://github.com/adhikara13/CVE-2022-44268-MagiLeak

- https://github.com/agathanon/cve-2022-44268

- https://github.com/aneasystone/github-trending

- https://github.com/atici/Exploit-for-ImageMagick-CVE-2022-44268

- https://github.com/backglass/readermagick

- https://github.com/bakery312/Vulhub-Reproduce

- https://github.com/betillogalvanfbc/POC-CVE-2022-44268

- https://github.com/bhavikmalhotra/CVE-2022-44268-Exploit

- https://github.com/chairat095/CVE-2022-44268_By_Kyokito

- https://github.com/dai5z/LBAS

- https://github.com/daniellemonika/CSCE-5552-Prying-Eyes

- https://github.com/doyensec/imagemagick-security-policy-evaluator

- https://github.com/duc-nt/CVE-2022-44268-ImageMagick-Arbitrary-File-Read-PoC

- https://github.com/enomothem/PenTestNote

- https://github.com/entr0pie/CVE-2022-44268

- https://github.com/fanbyprinciple/ImageMagick-lfi-poc

- https://github.com/g1san/Agents-for-Vulnerable-Dockers-and-related-Benchmarks

- https://github.com/ghgasimovhikmat/HTB_Pilgrimage

- https://github.com/iamthefrogy/BountyHound

- https://github.com/jkobierczynski/cve-2022-44268

- https://github.com/jnschaeffer/cve-2022-44268-detector

- https://github.com/k0mi-tg/CVE-POC

- https://github.com/katseyres2/CVE-2022-44268-pilgrimage

- https://github.com/kljunowsky/CVE-2022-44268

- https://github.com/linuskoester/writeups

- https://github.com/manas3c/CVE-POC

- https://github.com/morningphase/FG-CIBGC

- https://github.com/morningphase/lbas

- https://github.com/mouftan/CVE-2022-44268

- https://github.com/narekkay/auto-cve-2022-44268.sh

- https://github.com/nfm/heroku-CVE-2022-44268-reproduction

- https://github.com/nneonneo/sstic-2023

- https://github.com/nomi-sec/PoC-in-GitHub

- https://github.com/petitfleur/prov_navigator

- https://github.com/plzheheplztrying/cve_monitor

- https://github.com/provnavigator/prov_navigator

- https://github.com/tanjiti/sec_profile

- https://github.com/voidz0r/CVE-2022-44268

- https://github.com/whoforget/CVE-POC

- https://github.com/xchopath/file-upload-attack

- https://github.com/y1nglamore/CVE-2022-44268-ImageMagick-Vulnerable-Docker-Environment

- https://github.com/youwizard/CVE-POC

- https://github.com/zulloper/cve-poc