CVE-2022-36231

CRITICAL

pdf_info 0.5.3 - OS Command Injection via Backticks

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2022-36231. PoCs published by affix.

AI-analyzed exploit summary The repository contains a functional exploit for CVE-2022-36231, demonstrating OS command injection in the `pdf_info` Ruby gem (<=0.5.3) via unvalidated input in the `PDF::Info` object initialization. The PoC includes a reverse shell payload executed through command chaining.

Description

pdf_info 0.5.3 is vulnerable to Command Execution because the Ruby code uses backticks instead of Open3.

Exploits (1)

nomisec WORKING POC 5 stars
by affix · poc
https://github.com/affix/CVE-2022-36231

The repository contains a functional exploit for CVE-2022-36231, demonstrating OS command injection in the `pdf_info` Ruby gem (<=0.5.3) via unvalidated input in the `PDF::Info` object initialization. The PoC includes a reverse shell payload executed through command chaining.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target: pdf_info Ruby gem <= 0.5.3
No auth needed
Prerequisites: Ruby environment with the vulnerable `pdf_info` gem installed · Network connectivity for reverse shell payload
devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (4)

Core 4

Scores

CVSS v3 9.8
EPSS 0.2256
EPSS Percentile 96.0%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation poc
Automatable yes
Technical Impact total

Details

CWE
CWE-78
Status published
Products (2)
newspaperclub/pdf_info 0.5.3
rubygems/pdf_info 0RubyGems
Published Feb 23, 2023
Tracked Since Feb 18, 2026