CVE-2022-44268
a vulnerability has been found in imagemagick 7.1.0-49 (Image Processing Software) and classified as problematic. This vulnerability affects some unknown functionality of the component PNG Image Handler. The manipulation with an unknown input leads to a information disclosure vulnerability. The CWE definition for the vulnerability is CWE-200. The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information. As an impact it is known to affect confidentiality.
Exploit
Exploit is publicly available
┌──(kali㉿kali)-[~/archive/htb/labs/pilgrimage]
└─$ git clone https://github.com/voidz0r/CVE-2022-44268.git ; cd CVE-2022-44268
Cloning into 'CVE-2022-44268'...
remote: Enumerating objects: 30, done.
remote: Counting objects: 100% (30/30), done.
remote: Compressing objects: 100% (25/25), done.
remote: Total 30 (delta 8), reused 17 (delta 2), pack-reused 0
Receiving objects: 100% (30/30), 954.74 KiB | 9.64 MiB/s, done.
Resolving deltas: 100% (8/8), done.Cloned