Gitlab 14.9 – Authentication Bypass

• Exploit Database
• 14 阅读

• 作者： Greenwolf
  日期： 2022-04-26
• 类别：

  • webapps
  平台：

  • ruby
• 来源：https://www.exploit-db.com/exploits/50888/

• # Exploit Title: Gitlab 14.9 - Authentication Bypass
  # Date: 12/04/2022
  # Exploit Authors: Greenwolf
  # Vendor Homepage: https://about.gitlab.com/
  # Software Link: https://about.gitlab.com/install
  # Version: GitLab CE/EE versions 14.7 prior to 14.7.7, 14.8 prior to 14.8.5, and 14.9 prior to 14.9.2
  # Tested on: Linux
  # CVE : CVE-2022-1162
  # References: https://github.com/Greenwolf/CVE-2022-1162
  
  A hardcoded password was set for accounts registered using an OmniAuth provider (e.g. OAuth, LDAP, SAML) in GitLab CE/EE versions 14.7 prior to 14.7.7, 14.8 prior to 14.8.5, and 14.9 prior to 14.9.2 allowing attackers to potentially take over accounts.
  
  Exploit:
  
  New Gitlab Accounts (created since the first affect version and if Gitlab is before the patched version) can be logged into with the following password:
  
  123qweQWE!@#000000000