CVE-2022-2185

Description

A critical issue has been discovered in GitLab affecting all versions starting from 14.0 prior to 14.10.5, 15.0 prior to 15.0.4, and 15.1 prior to 15.1.1 where an authenticated user authorized to import projects could import a maliciously crafted project leading to remote code execution.

NVD
Severity: HIGH
CVE ID: CVE-2022-2185
CVSS Score: 8.8
CVSS Metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

GitLab Inc.
Severity: CRITICAL
CVE ID: CVE-2022-2185
CVSS Score: 9.9
CVSS Metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Refrence: NVD MITRE

Proof Of Concept

Nuclei Templates for CVE-2022-2185

Refrence: Project Discovery GitHub

safe3s

CVE-2022-2185 poc

Refrence: GitHub

ESUAdmin

wo ee cve-2022-2185 gitlab authenticated rce

Refrence: GitHub

Description​

Proof Of Concept​

Description

Proof Of Concept