A critical unauthenticated, remote code execution flaw in GitLab, fixed on April 14, 2021, remains exploitable, with over 50% of deployments still unpatched. The vulnerability is tracked as CVE-2021-22205 and carries a CVSS v3 score of 10.0; it allows an unauthenticated, remote attacker to execute arbitrary commands as the 'git' user (repository admin). That gives the attacker full access to the repository, including deleting, modifying, and stealing source code. The public exploit module abuses an unauthenticated file upload and command injection vulnerability in GitLab Community Edition (CE) and Enterprise Edition (EE).

Attackers first started exploiting internet-facing GitLab servers in June 2021, creating new users and granting them admin rights. They used a working exploit published on GitHub on June 4, 2021, which abuses the vulnerable ExifTool component. The attacker does not need to authenticate, supply a CSRF token, or even target a valid HTTP endpoint to use it.

With exploitation continuing to this day, researchers from Rapid7 looked into the number of unpatched systems to determine the scope of the underlying problem.
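The attackers described above used the exploit to create new users and promote them to admin. One defensive check a GitLab administrator can run is to list admin accounts created on or after the exploit's publication date (June 4, 2021) that are not on an allowlist of expected administrators. The following script is an added example, not code from the article or from GitLab; it assumes the user listing returned by GitLab's `GET /api/v4/users` endpoint with an admin token (fields `id`, `username`, `is_admin`, `created_at`), uses a constructed sample of that shape so it runs offline, and treats the `GITLAB_URL`/`GITLAB_TOKEN` environment variables as hypothetical names for pointing it at a live instance.

```python
"""Audit GitLab admin accounts created after a public exploit was released.

Added example (not from the original article or from GitLab): the attackers
created new users and promoted them to admin, so one defensive check is to
flag admin accounts created on or after the exploit publication date that are
not on an allowlist of expected administrators.
"""
import json
import os
import urllib.request
from datetime import datetime, timezone

# Date the working exploit was published on GitHub, per the article.
EXPLOIT_PUBLISHED = datetime(2021, 6, 4, tzinfo=timezone.utc)

# Constructed sample in the shape of GET /api/v4/users as seen with an admin
# token (id, username, is_admin, created_at); every value here is made up.
SAMPLE_USERS_JSON = """[
  {"id": 1,  "username": "root",      "is_admin": true,  "created_at": "2020-01-10T09:00:00.000Z"},
  {"id": 2,  "username": "alice",     "is_admin": false, "created_at": "2021-03-02T12:30:00.000Z"},
  {"id": 57, "username": "svc-upd8",  "is_admin": true,  "created_at": "2021-06-08T03:14:07.000Z"},
  {"id": 58, "username": "ops-bot",   "is_admin": true,  "created_at": "2021-06-10T08:00:00.000Z"},
  {"id": 59, "username": "backupsvc", "is_admin": false, "created_at": "2021-06-12T08:00:00.000Z"}
]"""


def load_sample_users():
    """Return the constructed sample as the list of dicts the API would give."""
    return json.loads(SAMPLE_USERS_JSON)


def parse_gitlab_time(value):
    """Parse GitLab's ISO 8601 timestamps (millisecond precision, trailing Z)."""
    return datetime.strptime(value, "%Y-%m-%dT%H:%M:%S.%fZ").replace(tzinfo=timezone.utc)


def find_suspicious_admins(users, since=EXPLOIT_PUBLISHED, known_admins=frozenset()):
    """Return usernames that have is_admin set, were created at or after `since`,
    and are absent from the allowlist of expected administrators."""
    hits = []
    for user in users:
        if not user.get("is_admin"):
            continue
        if user["username"] in known_admins:
            continue
        if parse_gitlab_time(user["created_at"]) >= since:
            hits.append(user["username"])
    return sorted(hits)


def fetch_users(base_url, token):
    """Fetch all users from a live instance (admin token required; network call).
    Walks the GitLab API's per_page/page pagination until an empty page."""
    users, page = [], 1
    while True:
        req = urllib.request.Request(
            f"{base_url.rstrip('/')}/api/v4/users?per_page=100&page={page}",
            headers={"PRIVATE-TOKEN": token},
        )
        with urllib.request.urlopen(req, timeout=30) as resp:
            batch = json.load(resp)
        if not batch:
            return users
        users.extend(batch)
        page += 1


if __name__ == "__main__":
    # Hypothetical environment variables; without them the constructed sample is used.
    base_url, token = os.environ.get("GITLAB_URL"), os.environ.get("GITLAB_TOKEN")
    users = fetch_users(base_url, token) if base_url and token else load_sample_users()
    allowlist = {"root", "ops-bot"}  # administrators you expect to exist
    for name in find_suspicious_admins(users, known_admins=allowlist):
        print(f"review admin account created after exploit release: {name}")
```

On the sample data the script reports only `svc-upd8`: `root` predates the exploit and `ops-bot` is on the allowlist. The allowlist matters because an unexplained admin created after the exploit date is a lead, not proof, and the review should be against the instance's own audit events and change records.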