Both the Netsparker Desktop and Netsparker Cloud web application security scanners have been updated and can automatically check if a target web application or web service is vulnerable to the Remote Code Execution via file upload in ImageMagick.
Another day and another popularized vulnerability, or better, a collection of vulnerabilities. MagicTragick is a collection of vulnerabilities in a popular software suite called ImageMagick, which is used to resize, flip, mirror and do other image manipulation work.
One of the vulnerabilities is a direct impact one and can lead to a Remote Code Execution. In other words, an attacker can upload an image tampered with malicious code and once the vulnerability is exploited the attacker can execute code remotely. For more detailed information on ImageTragick refer to the vulnerability's website.
ImageMagick is very popular library and is used by many web services, WordPress plugins and other non PHP web applications. Scan all your web applications and web services with Netsparker to find out if they are vulnerable.
If you have a large number of websites you can use Netsparker Cloud, which can easily scale up and scan hundreds and thousands of websites for security flaws within just a few hours.