automatic module_metadata_base.json update

2023-02-14 16:23:51 -06:00 · 2023-02-14 16:23:51 -06:00 · 165b0f8d61
parent ac9d60ce9e
commit 165b0f8d61
1 changed files with 63 additions and 0 deletions
--- a/db/modules_metadata_base.json
+++ b/db/modules_metadata_base.json
@ -87513,6 +87513,69 @@
    "session_types": false,
    "needs_cleanup": null
  },
+  "exploit_multi/http/gitlab_github_import_rce_cve_2022_2992": {
+    "name": "GitLab GitHub Repo Import Deserialization RCE",
+    "fullname": "exploit/multi/http/gitlab_github_import_rce_cve_2022_2992",
+    "aliases": [
+
+    ],
+    "rank": 600,
+    "disclosure_date": "2022-10-06",
+    "type": "exploit",
+    "author": [
+      "William Bowling (vakzz)",
+      "Heyder Andrade <https://infosec.exchange/@heyder>",
+      "RedWay Security <https://infosec.exchange/@redway>"
+    ],
+    "description": "An authenticated user can import a repository from GitHub into GitLab.\n          If a user attempts to import a repo from an attacker-controlled server,\n          the server will reply with a Redis serialization protocol object in the nested\n          `default_branch`. GitLab will cache this object and\n          then deserialize it when trying to load a user session, resulting in RCE.",
+    "references": [
+      "URL-https://hackerone.com/reports/1679624",
+      "URL-https://github.com/redwaysecurity/CVEs/tree/main/CVE-2022-2992",
+      "URL-https://gitlab.com/gitlab-org/gitlab/-/issues/371884",
+      "CVE-2022-2992"
+    ],
+    "platform": "Linux,Unix",
+    "arch": "cmd",
+    "rport": 80,
+    "autofilter_ports": [
+      80,
+      8080,
+      443,
+      8000,
+      8888,
+      8880,
+      8008,
+      3000,
+      8443
+    ],
+    "autofilter_services": [
+      "http",
+      "https"
+    ],
+    "targets": [
+      "Unix Command"
+    ],
+    "mod_time": "2023-02-14 15:26:01 +0000",
+    "path": "/modules/exploits/multi/http/gitlab_github_import_rce_cve_2022_2992.rb",
+    "is_install_path": true,
+    "ref_name": "multi/http/gitlab_github_import_rce_cve_2022_2992",
+    "check": true,
+    "post_auth": true,
+    "default_credential": false,
+    "notes": {
+      "Stability": [
+        "crash-safe"
+      ],
+      "Reliability": [
+        "repeatable-session"
+      ],
+      "SideEffects": [
+        "ioc-in-logs"
+      ]
+    },
+    "session_types": false,
+    "needs_cleanup": null
+  },
  "exploit_multi/http/gitlab_shell_exec": {
    "name": "Gitlab-shell Code Execution",
    "fullname": "exploit/multi/http/gitlab_shell_exec",