module
GitLab Unauthenticated Remote ExifTool Command Injection
| Disclosed |
|---|
| Apr 14, 2021 |
Disclosed
Apr 14, 2021
Description
This module exploits an unauthenticated file upload and command
injection vulnerability in GitLab Community Edition (CE) and
Enterprise Edition (EE). The patched versions are 13.10.3, 13.9.6,
and 13.8.8.
Exploitation will result in command execution as the git user.
injection vulnerability in GitLab Community Edition (CE) and
Enterprise Edition (EE). The patched versions are 13.10.3, 13.9.6,
and 13.8.8.
Exploitation will result in command execution as the git user.
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.