Lucene search
K

8 matches found

Rapid7 Blog
Rapid7 Blog
added 2022/11/18 9:49 p.m.84 views

Metasploit Weekly Wrap-Up

Pre-authenticated Remote Code Execution in VMware NSX Manager using XStream CVE-2021-39144 There’s nothing quite like a pre-authenticated remote code execution vulnerability in a piece of enterprise software. This week, community contributor h00die-gr3y added a module that targets VMware NSX...

6CVSS1.1AI score0.98124EPSS
Exploits14
Metasploit
Metasploit
added 2022/11/17 7:50 p.m.493 views

Gitea Git Fetch Remote Code Execution

This module exploits Git fetch command in Gitea repository migration process that leads to a remote command execution on the system. This vulnerability affect Gitea before 1.16.7 version. Module Options msf use exploit/multi/http/giteagitfetchrce msf exploitgiteagitfetchrce show targets...

7.5CVSS7.3AI score0.87678EPSS
Exploits8
0day.today
0day.today
added 2022/11/17 12:0 a.m.1022 views

Gitea Git Fetch Remote Code Execution Exploit

This Metasploit module exploits the Git fetch command in the Gitea repository migration process to allow for remote command execution on the system. This vulnerability affect Gitea versions prior to 1.16.7. This module requires Metasploit: https://metasploit.com/download Current source:...

7.5CVSS0.9AI score0.87678EPSS
Exploits8
Packet Storm
Packet Storm
added 2022/09/15 12:0 a.m.343 views

Gitea 1.16.6 Remote Code Execution

Exploit Title: Gitea Git Fetch Remote Code Execution Date: 09/14/2022 Exploit Author: samguy Vendor Homepage: https://gitea.io Software Link: https://dl.gitea.io/gitea/1.16.6 Version: 'Gitea Git Fetch Remote Code Execution', 'Description' = %q This module exploits Git fetch command in Gitea...

7.5CVSS0.3AI score0.87678EPSS
Exploits8
Circl
Circl
added 2022/09/15 12:0 a.m.20 views

CVE-2022-30781

creationtimestamp| type| source ---|---|--- 2022-09-15 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/51009 2022-09-17 18:44:39+00:00| published-proof-of-concept| https://t.me/proxybar/991 2022-10-11 13:24:05+00:00| published-proof-of-concept|...

7.5CVSS7.1AI score0.87678EPSS
Exploits8References4
0day.today
0day.today
added 2022/09/15 12:0 a.m.593 views

Gitea 1.16.6 - Remote Code Execution Exploit

Exploit Title: Gitea Git Fetch Remote Code Execution Exploit Author: samguy Vendor Homepage: https://gitea.io Software Link: https://dl.gitea.io/gitea/1.16.6 Version: 'Gitea Git Fetch Remote Code Execution', 'Description' = %q This module exploits Git fetch command in Gitea repository migration...

7.5CVSS0.2AI score0.87678EPSS
Exploits8
NVD
NVD
added 2022/05/16 4:15 a.m.22 views

CVE-2022-30781

Gitea before 1.16.7 does not escape git fetch remote...

7.5CVSS0.87678EPSS
Exploits8References5
CVE
CVE
added 2022/05/16 12:0 a.m.439 views

CVE-2022-30781

CVE-2022-30781 affects Gitea prior to 1.16.7. The issue arises from improper escaping in the git fetch remote during repository migration, enabling remote command execution. Public details confirm a Git fetch remote code path as the root cause and that versions before 1.16.7 are vulnerable; mitig...

7.5CVSS7.5AI score0.87678EPSS
Exploits8References5Affected Software1
Rows per page
Query Builder