← back
CVE-2021-22192

CVE-2021-22192

CVSS 9.9 CRITICALEPSS 13.1%
An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.2 allowing unauthorized authenticated users to execute arbitrary code on the server.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Affected products
GitLab · GitLab
public PoCs found2
githubgithub.com/EXP-Docs/CVE-2021-2219238githubgithub.com/PetrusViet/Gitlab-RCE13
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-22192.jsonhttps://gitlab.com/gitlab-org/gitlab/-/issues/324452https://hackerone.com/reports/1125425