module
GitLab Unauthenticated Remote ExifTool Command Injection
| Disclosed |
|---|
| 2021-04-14 |
Disclosed
2021-04-14
Description
This module exploits an unauthenticated file upload and command
injection vulnerability in GitLab Community Edition (CE) and
Enterprise Edition (EE). The patched versions are 13.10.3, 13.9.6,
and 13.8.8.
Exploitation will result in command execution as the git user.
injection vulnerability in GitLab Community Edition (CE) and
Enterprise Edition (EE). The patched versions are 13.10.3, 13.9.6,
and 13.8.8.
Exploitation will result in command execution as the git user.
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.