Vendor: Typora
By: Ahmet Ümit BAYRAM
CVSS: 6.1 (HIGH)
CWE: 78 (OS Command Injection)
Product Name: Typora
Affected Version From: 38169
Affected Version To: 1.7.2004
Patch Exists: NO
Related CWE: CVE-2023-XXXXX
CPE: a:typora:typora:1.7.4
Metasploit:
Other Scripts:
Platforms Tested: Windows 2019 Server 64bit
2023

Typora v1.7.4 – OS Command Injection

Typora v1.7.4 is vulnerable to OS command injection through the 'run command' option in its PDF export settings. That option runs a user-supplied command once the export finishes, so anyone who can set the field gets arbitrary commands executed with the privileges of the Typora user the next time a PDF export is run, leading to unauthorized access or further exploitation of the system. This vulnerability was discovered by Ahmet Ümit BAYRAM on 13.09.2023.

Mitigation:

To mitigate this vulnerability, users should leave the 'run command' option in the PDF export settings unchecked unless they need it, and should never enter commands there that they do not fully understand. On the application side, input to that field should be validated and sanitized before it is passed to a shell, so that command injection is not possible.
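Because the 'run command' option is a legitimate feature, a detection-side complement to the mitigation above is to watch for Typora.exe launching a shell. The following is an added example, not code from the advisory or from Typora: it runs that rule over constructed Sysmon-style process-creation events (Event ID 1 field names such as Image, ParentImage and CommandLine are real; the sample events and the path C:\Program Files\Typora\Typora.exe are assumptions), and it skips Typora's own Electron helper processes so the rule stays quiet during normal use.

```python
"""Flag Typora spawning a shell, from constructed Sysmon-style process events."""
from typing import Dict, Iterable, List

# Child images worth reviewing when the parent is Typora.exe. Assumption: the
# PDF "run command" hook launches its command through one of these hosts.
SHELL_IMAGES = {"cmd.exe", "powershell.exe", "pwsh.exe",
                "wscript.exe", "cscript.exe", "mshta.exe"}

def image_name(path: str) -> str:
    """Lower-cased file name of a Windows image path."""
    return path.replace("/", "\\").rsplit("\\", 1)[-1].lower()

def is_typora_shell_spawn(event: Dict) -> bool:
    """True for a process-creation event (Sysmon Event ID 1) whose parent is
    Typora.exe and whose child is a shell or script host. Checking the parent
    alone is noisy: Electron apps spawn Typora.exe --type=renderer helpers."""
    if event.get("EventID") != 1:
        return False
    parent = image_name(event.get("ParentImage", ""))
    child = image_name(event.get("Image", ""))
    return parent == "typora.exe" and child in SHELL_IMAGES

def find_hits(events: Iterable[Dict]) -> List[Dict]:
    """Return the fields an analyst needs to review each matching event."""
    return [{"time": ev.get("UtcTime"), "user": ev.get("User"),
             "child": ev.get("Image"), "command": ev.get("CommandLine")}
            for ev in events if is_typora_shell_spawn(ev)]

TYPORA = r"C:\Program Files\Typora\Typora.exe"  # assumed install path
# Constructed sample events (not real telemetry). Only the second one should fire.
SAMPLE_EVENTS = [
    {"EventID": 1, "UtcTime": "2023-09-13 10:00:01", "User": "LAB\\alice",
     "Image": TYPORA, "CommandLine": f'"{TYPORA}" --type=renderer',
     "ParentImage": TYPORA},
    {"EventID": 1, "UtcTime": "2023-09-13 10:02:45", "User": "LAB\\alice",
     "Image": r"C:\Windows\System32\cmd.exe",
     "CommandLine": 'cmd.exe /c "C:\\Users\\alice\\after-export.bat"',
     "ParentImage": TYPORA},
    {"EventID": 1, "UtcTime": "2023-09-13 10:03:10", "User": "LAB\\alice",
     "Image": r"C:\Windows\System32\cmd.exe", "CommandLine": "cmd.exe",
     "ParentImage": r"C:\Windows\explorer.exe"},
    {"EventID": 11, "UtcTime": "2023-09-13 10:02:44", "User": "LAB\\alice",
     "Image": TYPORA, "TargetFilename": r"C:\Users\alice\notes.pdf"},
]

if __name__ == "__main__":
    for hit in find_hits(SAMPLE_EVENTS):
        print(f"{hit['time']} {hit['user']} {hit['child']} :: {hit['command']}")
```

Every hit is a command that Typora ran at export time; an analyst still has to judge from the CommandLine whether it is the user's own post-export step or something planted in the preferences.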

Exploit-DB raw data:

# Exploit Title: Typora v1.7.4 - OS Command Injection
# Discovered by: Ahmet Ümit BAYRAM
# Discovered Date: 13.09.2023
# Vendor Homepage: http://www.typora.io
# Software Link: https://download.typora.io/windows/typora-setup-ia32.exe
# Tested Version: v1.7.4 (latest)
# Tested on: Windows 2019 Server 64bit

# # #  Steps to Reproduce # # #

# Open the application
# Click on Preferences from the File menu
# Select PDF from the Export tab
# Check the "run command" at the bottom right and enter your reverse shell command into the opened box
# Close the page and go back to the File menu
# Then select PDF from the Export tab and click Save
# Reverse shell is ready!