利用 jQuery-File-Upload <= 9.x 触发远程命令执行漏洞 (ImageMagick/Ghostscript)

作者: @Ambulong

jQuery-File-Upload 是 Github 上继 jQuery 之后最受关注的 jQuery 项目,该项目最近被披露出一个存在了长达三年之久的任意文件上传漏洞,该漏洞在随后发布的 v9.22.2 版本中被修复,但是在 VulnSpy 团队对代码的复查中发现了另外一个严重的命令执行漏洞,该漏洞允许攻击者通过上传恶意的图片文件来执行任意系统命令。

Read More

Exploit Remote Code Execution via jQuery-File-Upload <= 9.x (ImageMagick/Ghostscript)

Author: @Ambulong

jQuery-File-Upload is the second most starred jQuery project on GitHub, after the jQuery framework itself. The project was recently reported to have a three-year-old arbitrary file upload vulnerability that was fixed in the release of v9.22.2, but another serious command execution vulnerability was found in the VulnSpy team’s review of the code, this vulnerability allows attackers to execute arbitrary system commands by uploading malicious picture files.

Read More