Exploit for #VU52794 Code Injection in ExifTool

Published: 2021-05-12 | Updated: 2023-06-18

Vulnerability identifier: #VU52794

Vulnerability risk: High

CVSSv3.1: 8.4 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:H/RL:O/RC:C]

CVE-ID: CVE-2021-22204

CWE-ID: CWE-94

Exploitation vector: Network

Exploits in database: 22

June 18, 2023
- CVE-2021-22204 () [Github]
May 14, 2023
- CVE-2021-22204-exiftool (exiftool exploit) [Github]
January 23, 2023
- CVE-2021-22204-exiftool (exiftool exploit) [Github]
August 7, 2022
- CVE-2021-22204 (A complete PoC for CVE-2021-22204 exiftool RCE ) [Github]
May 23, 2022
- CVE-2021-22204-exiftool (exiftool exploit) [Github]
May 13, 2022
- ExifTool 12.23 - Arbitrary Code Execution [Exploit-DB]
May 11, 2022
- ExifTool 12.23 Arbitrary Code Execution [Packet Storm]
May 1, 2022
- exploit-CVE-2021-22204 (Exploit for CVE-2021-22204 (ExifTool) - Arbitrary Code Execution) [Github]
March 27, 2022
- CVE-2021-22204 (Script en python para crear imagenes maliciosas (reverse shell)) [Github]
January 25, 2022
- CVE-2021-22204 () [Github]
December 29, 2021
- CVE-2021-22204 () [Github]
December 7, 2021
- CVE-2021-22204-RSE (reverse shell execution exploit of CVE 22204) [Github]
November 25, 2021
- GitLab 13.10.2 - Remote Code Execution (RCE) (Unauthenticated) [Exploit-DB]
November 4, 2021
- CVE-2021-22204-Gitlab (Modification of gitlab exploit anything under 13.10) [Github]
November 3, 2021
- GitLab Unauthenticated Remote ExifTool Command Injection [Metasploit]
October 14, 2021
- CVE-2021-22204-exiftool (Python exploit for the CVE-2021-22204 vulnerability in Exiftool) [Github]
August 23, 2021
- CVE (A collection of proof-of-concept exploit scripts written by the STAR Labs team for various CVEs that they discovered or found by others.) [Github]
August 2, 2021
- CVE-2021-22204 () [Github]
- CVE-2021-22204 () [Github]
May 24, 2021
- POC-CVE-2021-22204 (POC for exiftool vuln (CVE-2021-22204).) [Github]
May 18, 2021
- CVE-2021-22204 (exiftool arbitrary code execution vulnerability) [Github]
May 12, 2021
- ExifTool DjVu ANT Perl injection [Metasploit]

Impact: Code execution

Vulnerable software:
ExifTool
Universal components / Libraries / Libraries used by multiple products

Vendor: ExifTool