.. / CVE-2021-33564

Exploit for Ruby Dragonfly <1.4.0 - Remote Code Execution (CVE-2021-33564)

Description:

Ruby Dragonfly before 1.4.0 contains an argument injection vulnerability that allows remote attackers to read and write to arbitrary files via a crafted URL when the verify_url option is disabled. This may lead to code execution. The problem occurs because the generate and process features mishandle use of the ImageMagick convert utility.

Nuclei Template

View the template here CVE-2021-33564.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2021/CVE-2021-33564.yaml

References:

https://github.com/markevans/dragonfly/compare/v1.3.0...v1.4.0
https://nvd.nist.gov/vuln/detail/CVE-2021-33564
https://github.com/markevans/dragonfly/commit/25399297bb457f7fcf8e3f91e85945b255b111b5
https://zxsecurity.co.nz/research/argunment-injection-ruby-dragonfly/
https://github.com/mlr0p/CVE-2021-33564

.. / CVE-2021-33564 if(localStorage["style"]=="true"){ document.getElementById('pagestyle').setAttribute('href','/assets/styleDark.css'); document.querySelector('input[type="checkbox"]').checked = true }

Exploit for Ruby Dragonfly <1.4.0 - Remote Code Execution (CVE-2021-33564)

Description:

Nuclei Template

Validate with Nuclei

.. / CVE-2021-33564