CVE-2023-50254

CRITICAL

deepin_reader < 6.0.7 - Remote Code Execution via Crafted DOCX File

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2023-50254. PoCs published by febinrev.

AI-analyzed exploit summary This repository contains a functional exploit for CVE-2023-50254, a file overwrite vulnerability in Deepin Linux's default document viewer, deepin-reader. The exploit crafts a malicious .docx file with a symlink to overwrite system files (e.g., .bashrc) and achieve remote code execution when the victim opens the file.

Description

Deepin Linux's default document reader `deepin-reader` software suffers from a serious vulnerability in versions prior to 6.0.7 due to a design flaw that leads to remote command execution via crafted docx document. This is a file overwrite vulnerability. Remote code execution (RCE) can be achieved by overwriting files like .bash_rc, .bash_login, etc. RCE will be triggered when the user opens the terminal. Version 6.0.7 contains a patch for the issue.

Exploits (1)

nomisec WORKING POC 16 stars

by febinrev · poc

https://github.com/febinrev/deepin-linux_reader_RCE-exploit

View Code ZIP pw:eip

This repository contains a functional exploit for CVE-2023-50254, a file overwrite vulnerability in Deepin Linux's default document viewer, deepin-reader. The exploit crafts a malicious .docx file with a symlink to overwrite system files (e.g., .bashrc) and achieve remote code execution when the victim opens the file.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: deepin-reader (Deepin Linux default document viewer)

No auth needed

Prerequisites: pandoc installed on the attacker's system · target username · target system running unpatched Deepin Linux

MITRE ATT&CK