|
|
|||
| Rule General Information |
|---|
| Release Date: | 2022-07-22 | |
| Rule Name: | Gitlist Unauthenticated Remote Command Execution Vulnerability | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | Gitlist is a web-based Git repository browser written in PHP, allowing users to browse Git repositories, view submission history and file content through a web interface. It has an unverified remote command execution vulnerability. The vulnerability is due to incorrect cleaning of user controlled values passed in search queries. By exploiting this vulnerability, unauthorized remote attackers can execute arbitrary operating system commands on the target server. | |
| Impact: | An attacker can execute arbitrary command via a successful exploit in the context of the vulnerable software. | |
| Affected OS: | Windows, Linux, Others | |
| Reference: | ||
| Solutions |
|---|
| Please contact the software vendor to update the software patch. |