This Metasploit module exploits a command injection vulnerability in Apache Tika versions 1.15 through 1.17 on Windows. A file with the image/jp2 content-type is used to bypass magic byte checking. When OCR is specified in the request, parameters can be passed to change the parameters passed at command line to allow for arbitrary JScript to execute. A JScript stub is passed to execute arbitrary code. This module was verified against version 1.15 through 1.17 on Windows 2012. While the CVE and finding show more versions vulnerable, during testing it was determined only versions greater than 1.14 were exploitable due to jp2 support being added.
1d10dcd077954ec22984a947fb2e56ca4e13c135682dadd44362021acac47063
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed