CVE-2023-2825
Description
An issue has been discovered in GitLab CE/EE affecting only version 16.0.0. An unauthenticated malicious user can use a path traversal vulnerability to read arbitrary files on the server when an attachment exists in a public project nested within at least five groups.
Severity: HIGH
CVE ID: CVE-2023-2825
CVSS Score: 7.5
CVSS Metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Severity: CRITICAL
CVE ID: CVE-2023-2825
CVSS Score: 10.0
CVSS Metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N
Proof Of Concept
Nuclei Templates for CVE-2023-2825
Refrence: Project Discovery GitHub
Occamsec
GitLab CVE-2023-2825 PoC. This PoC leverages a path traversal vulnerability to retrieve the /etc/passwd file from a system running GitLab 16.0.0.
Refrence: GitHub
yuimarudev
CVE-2023-2825 list
Refrence: GitHub
Tornad0007
the proof of concept written in Python for an unauthenticated malicious user can use a path traversal vulnerability to read arbitrary files on the server when an attachment exists in a public project nested within at least five groups. This is a critical severity issue
Refrence: GitHub
Rubikcuv5
On May 23, 2023 GitLab released version 16.0.1 which fixed a critical vulnerability, CVE-2023-2825, affecting the Community Edition (CE) and Enterprise Edition (EE) version 16.0.0. The vulnerability allows unauthenticated users to read arbitrary files through a path traversal bug.
Refrence: GitHub
caopengyan
Refrence: GitHub
Content on GitHub
fortra | watchers:167
CVE-2023-28252
Refrence: GitHub
duck-sec | watchers:47
CVE-2023-28252-Compiled-exe
A modification to fortra's CVE-2023-28252 exploit, compiled to exe
Refrence: GitHub
bkstephen | watchers:2
Compiled-PoC-Binary-For-CVE-2023-28252
The repo contains a precompiled binary which can be run on a Windows machine vulnerable to CVE-2023-28252
Refrence: GitHub
Danasuley | watchers:0
CVE-2023-28252-
Обнаружение эксплойта CVE-2023-28252
Refrence: GitHub
726232111 | watchers:0
CVE-2023-28252
Refrence: GitHub