Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2022-0415 PoC — gogs 代码问题漏洞

Source
https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2022/CVE-2022-0415.yaml
Associated Vulnerability
Title:gogs 代码问题漏洞 (CVE-2022-0415)
Description:Gogs(Go Git Service)是GOGS团队的一个基于Go语言的自助Git托管服务,它支持创建、迁移公开/私有仓库,添加、删除仓库协作者等。 gogs 0.12.6之前版本存在安全漏洞,攻击者可以上传存储库文件时利用该漏洞进行远程代码执行。
Description
Gogs before 0.12.6 is susceptible to remote command execution via the uploading repository file in GitHub repository gogs/gogs. An attacker can execute malware, obtain sensitive information, modify data, and/or gain full control over a compromised system without entering necessary credentials.
File Snapshot

 id: CVE-2022-0415

info:
  name: Gogs <0.12.6 - Remote Command Execution
  author: theamanrawat
  se

...
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.