8 matches found
Metasploit Weekly Wrap-Up
Pre-authenticated Remote Code Execution in VMware NSX Manager using XStream CVE-2021-39144 There’s nothing quite like a pre-authenticated remote code execution vulnerability in a piece of enterprise software. This week, community contributor h00die-gr3y added a module that targets VMware NSX...
Gitea Git Fetch Remote Code Execution
This module exploits Git fetch command in Gitea repository migration process that leads to a remote command execution on the system. This vulnerability affect Gitea before 1.16.7 version. Module Options msf use exploit/multi/http/giteagitfetchrce msf exploitgiteagitfetchrce show targets...
Gitea Git Fetch Remote Code Execution Exploit
This Metasploit module exploits the Git fetch command in the Gitea repository migration process to allow for remote command execution on the system. This vulnerability affect Gitea versions prior to 1.16.7. This module requires Metasploit: https://metasploit.com/download Current source:...
Gitea 1.16.6 Remote Code Execution
Exploit Title: Gitea Git Fetch Remote Code Execution Date: 09/14/2022 Exploit Author: samguy Vendor Homepage: https://gitea.io Software Link: https://dl.gitea.io/gitea/1.16.6 Version: 'Gitea Git Fetch Remote Code Execution', 'Description' = %q This module exploits Git fetch command in Gitea...
CVE-2022-30781
creationtimestamp| type| source ---|---|--- 2022-09-15 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/51009 2022-09-17 18:44:39+00:00| published-proof-of-concept| https://t.me/proxybar/991 2022-10-11 13:24:05+00:00| published-proof-of-concept|...
Gitea 1.16.6 - Remote Code Execution Exploit
Exploit Title: Gitea Git Fetch Remote Code Execution Exploit Author: samguy Vendor Homepage: https://gitea.io Software Link: https://dl.gitea.io/gitea/1.16.6 Version: 'Gitea Git Fetch Remote Code Execution', 'Description' = %q This module exploits Git fetch command in Gitea repository migration...
CVE-2022-30781
Gitea before 1.16.7 does not escape git fetch remote...
CVE-2022-30781
CVE-2022-30781 affects Gitea prior to 1.16.7. The issue arises from improper escaping in the git fetch remote during repository migration, enabling remote command execution. Public details confirm a Git fetch remote code path as the root cause and that versions before 1.16.7 are vulnerable; mitig...