CVE-2021-22205

Description from NVD

An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.9. GitLab was not properly validating image files that were passed to a file parser which resulted in a remote command execution.

Information Acquisition Date: 2023-01-17T17:55Z
CVSS 2.0: 7.5 HIGH
CVSS 3.x: 10.0 CRITICAL

CVSS 3.x Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
CVSS 2.0 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

NVD References

https://hackerone.com/reports/1154542
    Source: MISC
    Tags: Permissions Required, Third Party Advisory
https://gitlab.com/gitlab-org/gitlab/-/issues/327121
    Source: MISC
    Tags: Broken Link
https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-22205.json
    Source: CONFIRM
    Tags: Vendor Advisory
http://packetstormsecurity.com/files/164994/GitLab-13.10.2-Remote-Code-Execution.html
    Source: MISC
    Tags: Exploit, Third Party Advisory, VDB Entry
http://packetstormsecurity.com/files/164768/GitLab-Unauthenticated-Remote-ExifTool-Command-Injection.html
    Source: MISC
    Tags: Exploit, Third Party Advisory, VDB Entry


List of frequently cited URLs

URL                                                              Times referred to
https://lists.astaro.com/ASGV9-IPS-rules.html#0                  24
https://censys.io/blog/cve-2021-22205-it-was-a-gitlab-smash/     6
https://thehackernews.com/2021/11/alert-hackers-exploiting-...   6
https://twitter.com/0xdea/status/1452536545509060610             4
https://attackerkb.com/topics/D41jRUXCiJ/cve-2021-22205/rap...   4
https://about.gitlab.com/blog/2021/11/04/action-needed-in-r...   4
https://www.helpnetsecurity.com/2021/11/04/cve-2021-22205/?...   4
https://security.humanativaspa.it/gitlab-ce-cve-2021-22205-...   4
https://github.com/RedTeamWing/CVE-2021-22205                    3
https://www.rapid7.com/blog/post/2021/11/01/gitlab-unauthen...   3
https://therecord.media/gitlab-servers-are-being-exploited-...   3
http://feedproxy.google.com/~r/HelpNetSecurity/~3/jd56c1X64gU/   3
https://ipssignatures.appspot.com/?cve=CVE-2021-22205            3

Information from Twitter

User       URL                                                               Info              Source               Date
deepfence  https://twitter.com/deepfence/status/1615382403798958080/ph...    Source deepfence  1615382403798958080  2023/01/18
deepfence  https://forum.gitlab.com/t/cve-2021-22205-how-to-determine-...    Source deepfence  1615382407443779584  2023/01/18
ET_Labs    https://community.emergingthreats.net/t/gitlab-pre-auth-rce...    Source ET_Labs    1626749368710602752  2023/02/18
ET_Labs    https://twitter.com/ET_Labs/status/1626749368710602752/photo/1    Source ET_Labs    1626749368710602752  2023/02/18
ET_Labs    http://hackerone.com/reports/1154542                              Source ET_Labs    1626749382065258498  2023/02/18
ET_Labs    http://devcraft.io/2021/05/04/exiftool-arbitrary-code-execu...    Source ET_Labs    1626749382065258498  2023/02/18


GitHub Search Results: Up to 10
Name                              URL
mr-r3bot/Gitlab-CVE-2021-22205 https://github.com/mr-r3bot/Gitlab-CVE-2021-22205
Al1ex/CVE-2021-22205 https://github.com/Al1ex/CVE-2021-22205
XTeam-Wing/CVE-2021-22205 https://github.com/XTeam-Wing/CVE-2021-22205
r0eXpeR/CVE-2021-22205 https://github.com/r0eXpeR/CVE-2021-22205
inspiringz/CVE-2021-22205 https://github.com/inspiringz/CVE-2021-22205
whwlsfb/CVE-2021-22205 https://github.com/whwlsfb/CVE-2021-22205
c0okB/CVE-2021-22205 https://github.com/c0okB/CVE-2021-22205
Seals6/CVE-2021-22205 https://github.com/Seals6/CVE-2021-22205
shang159/CVE-2021-22205-getshell https://github.com/shang159/CVE-2021-22205-getshell
runsel/GitLab-CVE-2021-22205- https://github.com/runsel/GitLab-CVE-2021-22205-


Score (as of 2023/02/18): 2
Added to Har-sia Database: 2021/04/24
Last Modified: 2023/02/18
Highest Scored Date: 2021/11/04
Highest Score: 40