9.8
CVE-2021-33564
- EPSS 72.25%
- Veröffentlicht 29.05.2021 14:15:08
- Zuletzt bearbeitet 21.11.2024 06:09:06
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginAn argument injection vulnerability in the Dragonfly gem before 1.4.0 for Ruby allows remote attackers to read and write to arbitrary files via a crafted URL when the verify_url option is disabled. This may lead to code execution. The problem occurs because the generate and process features mishandle use of the ImageMagick convert utility.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Dragonfly Project ≫ Dragonfly SwPlatformruby Version < 1.4.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 72.25% | 0.994 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 9.8 | 3.9 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 6.8 | 8.6 | 6.4 |
AV:N/AC:M/Au:N/C:P/I:P/A:P
|
CWE-88 Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')
The product constructs a string for a command to be executed by a separate component in another control sphere, but it does not properly delimit the intended arguments, options, or switches within that command string.
https://github.com/markevans/dragonfly/commit/25399297bb457f7fcf8e3f91e85945b255b111b5
https://github.com/markevans/dragonfly/compare/v1.3.0...v1.4.0
https://github.com/markevans/dragonfly/issues/513
https://github.com/mlr0p/CVE-2021-33564
https://raw.githubusercontent.com/projectdiscovery/nuclei-templates/master/cves/2021/CVE-2021-33564.yaml
https://zxsecurity.co.nz/research/argunment-injection-ruby-dragonfly/