CVEs-PoC/2020/CVE-2020-29599.md

### [CVE-2020-29599](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29599)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

ImageMagick before 6.9.11-40 and 7.x before 7.0.10-40 mishandles the -authenticate option, which allows setting a password for password-protected PDF files. The user-controlled password was not properly escaped/sanitized and it was therefore possible to inject additional shell commands via coders/pdf.c.

### POC

#### Reference
- https://insert-script.blogspot.com/2020/11/imagemagick-shell-injection-via-pdf.html

#### Github
- https://github.com/ARPSyndicate/cvemon
- https://github.com/Threekiii/Awesome-POC
- https://github.com/Threekiii/Vulhub-Reproduce
- https://github.com/bakery312/Vulhub-Reproduce
- https://github.com/barrracud4/image-upload-exploits
- https://github.com/coco0x0a/CVE-2020-29599
- https://github.com/nomi-sec/PoC-in-GitHub