CVE 2022 30781 Save

🍵 Gitea repository migration remote command execution exploit.

Project README

🍵 CVE-2022-30781

Gitea repository migration remote command execution exploit.

How to use

Run an HTTP filesystem server with the files in this repository.
Edit the command to be exeucted in api/v1/repos/e99/exp/pulls/1/index.html L96.
Migrate remote repository with URL http://<your_host>/e99/exp on the Gitea instance.
Pwnned!

Reference

https://tttang.com/archive/1607/ (Chinese)

Credit

@wuhan005 @Li4n0 from Vidar-Team

This repository is only for security researches/teaching purposes, use at your own risk!

Open Source Agenda is not affiliated with "CVE 2022 30781" Project. README Source: wuhan005/CVE-2022-30781

Stars

Open Issues

Last Commit

1 year ago

Repository

wuhan005/CVE-2022-30781

Open Source Agenda Badge

<a href="https://www.opensourceagenda.com/projects/cve-2022-30781"><img src="https://www.opensourceagenda.com/projects/cve-2022-30781/reviews/badge.svg" alt="Open Source Agenda"></a>

Submit Review Review Your Favorite Project

Submit Resource Articles, Courses, Videos

Submit Article Submit a post to our blog

From the blog

Dec 11, 2022

How to Choose Which Programming Language to Learn First?

From the blog

Dec 11, 2022