CVE-2024-41817
HIGH
ImageMagick < 7.1.1-36 - Uncontrolled Search Path
Title source: ruleDescription
ImageMagick is a free and open-source software suite used for editing and manipulating digital images. The `AppImage` version of `ImageMagick` might use an empty path when setting the `MAGICK_CONFIGURE_PATH` and `LD_LIBRARY_PATH` environment variables while executing. This might lead to arbitrary code execution, because malicious configuration files or shared libraries in the current working directory can be loaded while `ImageMagick` runs. The vulnerability is fixed in 7.1.1-36.
Exploits (3)
github
WORKING POC
2 stars
by adminlove520 · pythonpoc
https://github.com/adminlove520/CVE-Poc_All_in_One/tree/main/2024/CVE-2024-41817
References (3)
Scores
CVSS v3
7.0
EPSS
0.1859
EPSS Percentile
95.3%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-427
Status
published
Products (1)
imagemagick/imagemagick
7.0.11-13 - 7.1.1-36
Published
Jul 29, 2024
Tracked Since
Feb 18, 2026