Found this:
I did some digging and the hacker posted which exploit he used.
Apparently some boards allowed uploading PDF files, but the site never checked if the PDF file was an actual PDF file. Once a PDF file was uploaded it was passed to a version of Ghostscript from 2012 which would generate a thumbnail. So the attacker found an exploit where uploading a PDF with the right PostScript commands could give the attacker shell access.