Download Netsparker
Pricing
Blog
Contact
Netsparker

Are Your Web Applications Vulnerable to ImageTragick? Scan Them with Netsparker

Category: News - Tags: imagetragick , vulnerability check , netsparker cloud update , netsparker desktop update - Mon, 09 May 2016, by Robert Abela

Both the Netsparker Desktop and Netsparker Cloud web application security scanners have been updated and can automatically check if a target web application or web service is vulnerable to the Remote Code Execution via file upload in ImageMagick.

What is ImageTragick?

Another day and another popularized vulnerability, or better, a collection of vulnerabilities. MagicTragick is a collection of vulnerabilities in a popular software suite called ImageMagick, which is used to resize, flip, mirror and do other image manipulation work.

Remote Code Execution in MagicTragick

One of the vulnerabilities is a direct impact one and can lead to a Remote Code Execution. In other words, an attacker can upload an image tampered with malicious code and once the vulnerability is exploited the attacker can execute code remotely. For more detailed information on ImageTragick refer to the vulnerability's website.

Scan Your Websites with Netsparker Web Application Security Scanners

ImageMagick is very popular library and is used by many web services, WordPress plugins and other non PHP web applications. Scan all your web applications and web services with Netsparker to find out if they are vulnerable.

If you have a large number of websites you can use Netsparker Cloud, which can easily scale up and scan hundreds and thousands of websites for security flaws within just a few hours.

Netsparker Wep Application Security Scanner Find and Exploit vulnerabilities in Web Applications with Netsparker

Request Demo version of Netsparker ProfessionalorBuy Netsparker Professional

Follow us