Vulnerability identifier: #VU5850
Vulnerability risk: High
CVSSv3.1: 9.2 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:H/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-918
Exploitation vector: Network
Exploit availability: Yes
Vulnerable software:
ImageMagick
Client/Desktop applications /
Multimedia software
Vendor: ImageMagick.org
Description
The vulnerability allows a remote attacker to perform server-side forgery attacks and compromise vulnerable application.
The weakness exists due to the failure to properly prevent the disclosure of file contents when processing certain MVG files. A remote attacker can persuade the victim to open specially crafted images using the .mvg file to trick the victim host into performing HTTP requests or opening FTP sessions.
Successful exploitation of this vulnerability may allow an attacker to perform SSRF attack to retrieve information for further attacks against vulnerable system by performing unauthorized connections to local resources, gain access to sensitive information and compromise vulnerable system.
Mitigation
Update to version 6.9.3-10 or 7.0.1-1.
Vulnerable software versions
ImageMagick: 6.9.3-0 - 6.9.3-10, 7.0.1-0 - 7.0.1-1, 7.0.0-0
External links
http://imagetragick.com/
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
Yes. This vulnerability is being exploited in the wild.