← back
CVE-2016-3718

CVE-2016-3718

CVSS 5.5 MEDIUMEPSS 76.9%● KEVCWE-918
In short

ImageMagick can be tricked into making unwanted network requests (HTTP or FTP) when processing a specially crafted image. An attacker could exploit this to access internal systems or services that should not be publicly reachable.

Technical detail

The HTTP and FTP coders in ImageMagick before version 6.9.3-10 and 7.x before 7.0.1-1 are vulnerable to SSRF attacks. An attacker can supply a malicious image file that causes the application to make unintended server-side requests to internal or restricted network resources, potentially bypassing firewall restrictions or accessing sensitive services.

Summary generated and translated by AI from the official description.
The (1) HTTP and (2) FTP coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to conduct server-side request forgery (SSRF) attacks via a crafted image.
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
Affected products
n/a · n/a
public PoCs found2
cve_referencewww.exploit-db.com/exploits/39767/unverifiedexploitdbwww.exploit-db.com/exploits/39767unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://git.imagemagick.org/repos/ImageMagick/blob/a01518e08c840577cabd7d3ff291a9ba735f7276/ChangeLoghttp://lists.opensuse.org/opensuse-security-announce/2016-05/msg00024.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-05/msg00025.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-05/msg00028.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-05/msg00032.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-05/msg00051.htmlhttp://rhn.redhat.com/errata/RHSA-2016-0726.htmlhttps://lists.debian.org/debian-lts-announce/2018/06/msg00009.htmlhttps://security.gentoo.org/glsa/201611-21https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2016-3718https://www.exploit-db.com/exploits/39767/https://www.imagemagick.org/discourse-server/viewtopic.php?f=4&t=29588