Exploit for #VU72078 Information disclosure in ImageMagick

Published: 2023-02-09 | Updated: 2023-11-21

Vulnerability identifier: #VU72078

Vulnerability risk: Medium

CVSSv3.1: 5.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C]

CVE-ID: CVE-2022-44268

CWE-ID: CWE-200

Exploitation vector: Network

Exploits in database: 15

November 21, 2023
- CVE-2022-44268 (PoC of Imagemagick's Arbitrary File Read) [Github]
September 5, 2023
- Exploit-for-ImageMagick-CVE-2022-44268 (A bash script for easyly exploiting ImageMagick Arbitrary File Read Vulnerability CVE-2022-44268) [Github]
August 14, 2023
- CVE-2022-44268_By_Kyokito (CVE-2022-44268_By_Kyokito) [Github]
July 19, 2023
- autoexploit-cve-2022-44268 (Automating Exploitation of CVE-2022-44268 ImageMagick Arbitrary File Read) [Github]
- auto-cve-2022-44268.sh (Automating Exploitation of CVE-2022-44268 ImageMagick Arbitrary File Read) [Github]
July 3, 2023
- CVE-2022-44268-Exploit (Expoit for CVE-2022-44268) [Github]
June 27, 2023
- CVE-2022-44268-MagiLeak (Tools for working with ImageMagick to handle arbitrary file read vulnerabilities. Generate, read, and apply profile information to PNG files using a command-line interface.) [Github]
February 13, 2023
- CVE-2022-44268 (CVE-2022-44268 ImageMagick Arbitrary File Read - Proof of Concept exploit) [Github]
February 9, 2023

Impact: Information disclosure

Vulnerable software:
ImageMagick
Client/Desktop applications / Multimedia software

Vendor: ImageMagick.org