GitLab Unauthenticated Remote ExifTool Command Injection
Posted by deepcore on November 5, 2021 – 10:31 pm
This Metasploit module exploits an unauthenticated file upload and command injection vulnerability in GitLab Community Edition (CE) and Enterprise Edition (EE). The patched versions are 13.10.3, 13.9.6, and 13.8.8. Exploitation will result in command execution as the git user.
Post a reply
You must be logged in to post a comment.