Dompdf 1.2.1 allows remote code execution via a .php file in the src:url field of an @font-face Cascading Style Sheets (CSS) statement (within an HTML input file).
CVE-2022-28368 - Dompdf RCE
Dompdf RCE PoC Exploit
Dompdf versions <121 are vulnerable to Remote Code Execution (RCE) by injecting CSS into the data The file can be tricked into storing a malicious font with a php file extension in its font cache, which can later be executed by accessing it from the web
Usage
git clone githubcom/rvizx/CVE-2022-28368
c
This repository contains a python script that will handle the majority of the dompdf cached font exploit (CVE-2022-28368), all you need to do is create the request
CVE-2022-28368-handler
This repository contains a python script that will handle the majority of the dompdf cached font exploit (CVE-2022-28368), all you need to do is create the request It will even provide a trigger string to start the exploit :)
Usage
usage: CVE-2022-28368py [-h] -d DOMPDF_LOCATION [-f FONTNAME] -i HTTP_IP [-p HTTP_PORT] [-P PHP] [-w] [-r]
This script han
An exploit script for CVE-2022-28368 designed to make exploitation less annoying, made for a HTB machine
Dompdf-Exploit-RCE
An exploit script for CVE-2022-28368 designed to make exploitation less annoying, made for a HTB machine
Made to make the exploit less tedious and annoying
Vulmon