MyScreenTools OS Command Injection Vulnerability in GIF Compression Tool

Vulnerability

A critical OS command injection vulnerability has been identified in MyScreenTools version 2.2.1.0, specifically within the GIF compression feature. The application builds the compression command by concatenating the user-supplied file path into a command string and hands that string to cmd.exe without sanitizing or quoting the path. Because cmd.exe treats characters such as `&` as command separators, a file name containing them is parsed as additional commands, which lets an attacker execute arbitrary system commands with the same privileges as the user running the application. The vulnerability is located in the CMD() function of 'GIFSicleTool\Form_gif_sicle_tool.cs', where shell commands are created by concatenating unsanitized user input (file paths) and executed via cmd.exe.

Impact

Exploitation of this vulnerability allows arbitrary command execution on the host system with the privileges of the user running MyScreenTools, potentially leading to complete compromise of that user's account and data. Since the trigger is only a crafted file name, a file received from an untrusted source is enough; no elevated access is required.

Reproduction

To reproduce this vulnerability, create a GIF file whose name contains a cmd.exe command injection payload, such as 'payload.gif&calc.exe&ren.gif'. Each `&` ends one command and starts the next, and the name still ends in .gif, so a simple extension check accepts it. Then load this file into the MyScreenTools GIF compression tool; when the tool builds and runs its command line, cmd.exe executes the injected command (in this case, opening the calculator).

Remediation

Users are advised to update to the latest version of MyScreenTools, where this vulnerability has been addressed. Until the update is applied, avoid opening GIF files from untrusted sources in the compression tool, and treat any file name containing cmd.exe metacharacters (`&`, `|`, `<`, `>`, `^`) as suspicious.
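The following is an added example, not MyScreenTools' own code. It reconstructs the injection pattern described in the Vulnerability and Reproduction sections (a path concatenated into a cmd.exe command line) beside the hardened form a maintainer would use: no shell, each argument passed as a separate element of ProcessStartInfo.ArgumentList. The gifsicle flags, the file paths, and the method names are assumptions for illustration; the actual contents of CMD() are not shown on this page.

```csharp
// Added example, not from MyScreenTools. Shows the injection pattern the advisory
// describes and a hardened replacement. gifsicle flags and paths are assumed.
using System;
using System.Diagnostics;
using System.IO;

public static class GifCompressDemo
{
    // HYPOTHETICAL reconstruction of the vulnerable pattern: the user-supplied path
    // is glued into one string that cmd.exe will parse. A file named
    // "payload.gif&calc.exe&ren.gif" therefore becomes three separate commands.
    public static string BuildVulnerableCommandLine(string inputPath, string outputPath)
    {
        return "/c gifsicle -O3 " + inputPath + " -o " + outputPath;
    }

    public static void RunVulnerable(string inputPath, string outputPath)
    {
        // UseShellExecute=false does not help here: cmd.exe /c is itself the shell.
        var psi = new ProcessStartInfo("cmd.exe", BuildVulnerableCommandLine(inputPath, outputPath))
        {
            UseShellExecute = false,
            CreateNoWindow = true,
        };
        Process.Start(psi)?.WaitForExit();
    }

    // Hardened: launch gifsicle.exe directly and pass each argument as a discrete
    // element of ArgumentList (.NET Core 2.1+ / .NET 5+). The runtime quotes each
    // element, so '&', '|', '"' in a file name reach gifsicle as data, never as
    // command syntax. No cmd.exe is involved at all.
    public static ProcessStartInfo BuildHardenedStartInfo(string gifsicleExe, string inputPath, string outputPath)
    {
        ValidateGifPath(inputPath);
        var psi = new ProcessStartInfo(gifsicleExe)
        {
            UseShellExecute = false,
            CreateNoWindow = true,
            RedirectStandardError = true,
        };
        psi.ArgumentList.Add("-O3");
        psi.ArgumentList.Add(Path.GetFullPath(inputPath));
        psi.ArgumentList.Add("-o");
        psi.ArgumentList.Add(Path.GetFullPath(outputPath));
        return psi;
    }

    // Defence in depth: the real fix is removing the shell above. This check also
    // rejects names carrying cmd.exe metacharacters and enforces the .gif extension,
    // so a payload like the advisory's is refused before any process is started.
    public static void ValidateGifPath(string path)
    {
        if (string.IsNullOrWhiteSpace(path))
            throw new ArgumentException("empty path");
        if (path.IndexOfAny(new[] { '&', '|', '<', '>', '^', '"', '\n', '\r' }) >= 0)
            throw new ArgumentException("shell metacharacter in file name: " + path);
        if (!string.Equals(Path.GetExtension(path), ".gif", StringComparison.OrdinalIgnoreCase))
            throw new ArgumentException("not a .gif file: " + path);
    }

    public static void Main()
    {
        // Constructed sample input mirroring the payload in the Reproduction section.
        const string malicious = @"C:\Users\demo\payload.gif&calc.exe&ren.gif";
        const string output = @"C:\Users\demo\out.gif";

        // What the vulnerable pattern hands to cmd.exe; '&' splits it into
        // "gifsicle -O3 C:\Users\demo\payload.gif", "calc.exe", "ren.gif -o ...".
        Console.WriteLine("cmd.exe receives: " + BuildVulnerableCommandLine(malicious, output));

        try
        {
            BuildHardenedStartInfo("gifsicle.exe", malicious, output);
        }
        catch (ArgumentException ex)
        {
            Console.WriteLine("rejected: " + ex.Message);
        }
    }
}
```

If the application targets .NET Framework, where ArgumentList is unavailable, the equivalent is to set `Arguments` to a string quoted per the Windows C runtime rules (wrap each argument in double quotes, escape embedded `"` and preceding backslashes) and still launch gifsicle.exe directly; the mistake to avoid is routing anything through cmd.exe /c.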

Added: Nov 17, 2025, 4:27 PM
Updated: Nov 17, 2025, 7:25 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 10.0
exploitability: 5.8
remediation: 0.0
relevance: 1.1
threat: 6.4
urgency: 2.9
incentive: 0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.