module
MediaWiki Thumb.php Remote Command Execution
| Disclosed | Created |
|---|---|
| 01/28/2014 | 05/30/2018 |
Disclosed
01/28/2014
Created
05/30/2018
Description
MediaWiki 1.22.x before 1.22.2, 1.21.x before 1.21.5 and 1.19.x before 1.19.11,
when DjVu or PDF file upload support is enabled, allows remote unauthenticated
users to execute arbitrary commands via shell metacharacters. If no target file
is specified this module will attempt to log in with the provided credentials to
upload a file (.DjVu) to use for exploitation.
when DjVu or PDF file upload support is enabled, allows remote unauthenticated
users to execute arbitrary commands via shell metacharacters. If no target file
is specified this module will attempt to log in with the provided credentials to
upload a file (.DjVu) to use for exploitation.
Authors
Netanel RubinBrandon PerryBen HarrisBen Campbell
References
Module Options
To display the available options, load the module within the Metasploit console and run the commands ‘show options’ or ‘show advanced’:
msf > use exploit/multi/http/mediawiki_thumb
msf /(b) > show actions
...actions...
msf /(b) > set ACTION < action-name >
msf /(b) > show options
...show and set options...
msf /(b) > run
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.