This Metasploit module exploits the Git fetch command in Gitea repository migration process that leads to a remote command execution on the system This vulnerability affects Gitea versions prior to 1167 ...
🍵 CVE-2022-30781
Gitea repository migration remote command execution exploit
How to use
Run an HTTP filesystem server with the files in this repository
Edit the command to be exeucted in api/v1/repos/e99/exp/pulls/1/indexhtml L96
Migrate remote repository with URL <your_host>/e99/exp on the Gitea instance
Pwnned!
Reference
tttangcom/archi
🍵 CVE-2022-30781
Gitea repository migration remote command execution exploit
How to use
Run an HTTP filesystem server with the files in this repository
Edit the command to be exeucted in api/v1/repos/e99/exp/pulls/1/indexhtml L96
Migrate remote repository with URL <your_host>/e99/exp on the Gitea instance
Pwnned!
Reference
tttangcom/archi
Vulmon