ID de Prueba:	1.3.6.1.4.1.25623.1.0.113773
Categoría:	Web application abuses
Título:	Gitea >= 1.1.0, <= 1.12.5 RCE Vulnerability
Resumen:	Gitea is prone to a remote code execution (RCE) vulnerability.
Descripción:	Summary: Gitea is prone to a remote code execution (RCE) vulnerability. Vulnerability Insight: The vulnerability is exploitable via the git hook feature. Vulnerability Impact: Successful exploitation would allow an authenticated attacker to execute arbitrary code on the target machine. Affected Software/OS: Gitea versions 1.1.0 through 1.12.5. Solution: Update to version 1.13.0. CVSS Score: 6.5 CVSS Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2020-14144 http://packetstormsecurity.com/files/162122/Gitea-Git-Hooks-Remote-Code-Execution.html https://docs.github.com/en/enterprise-server@2.19/admin/policies/creating-a-pre-receive-hook-script https://docs.gitlab.com/ee/administration/server_hooks.html https://github.com/PandatiX/CVE-2021-28378 https://github.com/PandatiX/CVE-2021-28378#notes https://github.com/go-gitea/gitea/pull/13058 https://github.com/go-gitea/gitea/releases https://www.fzi.de/en/news/news/detail-en/artikel/fsa-2020-3-schwachstelle-in-gitea-1125-und-gogs-0122-ermoeglicht-ausfuehrung-von-code-nach-authent/
Copyright	Copyright (C) 2020 Greenbone Networks GmbH

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.