Many websites in serious danger from critical ImageMagick vulnerability

Nikolay Ermishkin from the Mail.Ru security team has discovered several vulnerabilities in ImageMagick.

One of the bugs, dubbed ImageTragick, allows an attacker to execute code remotely on web servers that use the ImageMagick library.

Mail.Ru said the vulnerability exists thanks to insufficient parameter filtering in ImageMagick’s delegation feature, which allows it to process files with external libraries.

Due to the inadequate parameter filtering, it is possible to perform shell command injection.

Ways to mitigate the vulnerabilities are listed on the ImageTragick website.

10-year-old hacks Instagram

Free web security certificate Let’s Encrypt

How to hack Slack accounts: search Github

Over 300 hacking attempts on Gauteng school application system

Latest news

Partner Content

Show comments

Recommended

Share this article
Many websites in serious danger from critical ImageMagick vulnerability