Home
Mapping Frameworks
Known Exploited Vulnerabilities Home
ExifTool Remote Code Execution Vulnerability

Known Exploited Vulnerabilities CVE-2021-22204

Improper neutralization of user data in the DjVu file format in ExifTool versions 7.44 and up allows arbitrary code execution when parsing the malicious image

Mappings

Capability ID	Capability Description	Mapping Type	ATT&CK ID	ATT&CK Name	Notes
CVE-2021-22204	ExifTool Remote Code Execution Vulnerability	primary_impact	T1059	Command and Scripting Interpreter	Comments The vulnerability is exploited by a remote attacker to execute arbitrary code on the target system. The vulnerability exists due to improper input validation when parsing DjVu files in ExifTool. A remote attacker can pass a specially crafted file to the application and execute arbitrary code on the target system. Successful exploitation of this vulnerability may result in complete compromise of vulnerable system. References https://www.cybersecurity-help.cz/vdb/SB2021050302 https://feedly.com/cve/CVE-2021-22204 https://cwe.mitre.org/data/definitions/94.html https://www.infosec4tc.com/cve-2021-22205-gitlab-unauthenticated-remote-code-execution-in-the-wild/
CVE-2021-22204	ExifTool Remote Code Execution Vulnerability	exploitation_technique	T1190	Exploit Public-Facing Application	Comments The vulnerability is exploited by a remote attacker to execute arbitrary code on the target system. The vulnerability exists due to improper input validation when parsing DjVu files in ExifTool. A remote attacker can pass a specially crafted file to the application and execute arbitrary code on the target system. Successful exploitation of this vulnerability may result in complete compromise of vulnerable system. References https://www.cybersecurity-help.cz/vdb/SB2021050302 https://feedly.com/cve/CVE-2021-22204 https://cwe.mitre.org/data/definitions/94.html https://www.infosec4tc.com/cve-2021-22205-gitlab-unauthenticated-remote-code-execution-in-the-wild/