Server Side Request Forgery in ImageMagick - CVE-2016-3718
Published: February 17, 2017 / Updated: February 20, 2022
Vulnerability identifier: #VU5850
CSH Severity: High
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:L/SI:N/SA:N/E:A/U:Amber
CVE-ID: CVE-2016-3718
CWE-ID: CWE-918
Exploitation vector: Remote access
Exploit availability:
The vulnerability is being exploited in the wild
Vendor: ImageMagick.org
Affected software:
ImageMagick
ImageMagick
Detailed vulnerability description
The vulnerability allows a remote attacker to perform server-side forgery attacks and compromise vulnerable application.
The weakness exists due to the failure to properly prevent the disclosure of file contents when processing certain MVG files. A remote attacker can persuade the victim to open specially crafted images using the .mvg file to trick the victim host into performing HTTP requests or opening FTP sessions.
Successful exploitation of this vulnerability may allow an attacker to perform SSRF attack to retrieve information for further attacks against vulnerable system by performing unauthorized connections to local resources, gain access to sensitive information and compromise vulnerable system.
The weakness exists due to the failure to properly prevent the disclosure of file contents when processing certain MVG files. A remote attacker can persuade the victim to open specially crafted images using the .mvg file to trick the victim host into performing HTTP requests or opening FTP sessions.
Successful exploitation of this vulnerability may allow an attacker to perform SSRF attack to retrieve information for further attacks against vulnerable system by performing unauthorized connections to local resources, gain access to sensitive information and compromise vulnerable system.
How to mitigate CVE-2016-3718
Update to version 6.9.3-10 or 7.0.1-1.