Main
Vulnerability Database
Exploits
ID:8374 - Exploit for Input validation error in Gitea - CVE-2022-30781
ID:8374 - Exploit for Input validation error in Gitea - CVE-2022-30781
Published: September 18, 2022
Vulnerability identifier: #VU63998
Vulnerability risk: Medium
CVE-ID: CVE-2022-30781
CWE-ID: CWE-20
Exploitation vector: Remote access
Vulnerable software:
Gitea
Gitea
Link to public exploit:
Vulnerability description
The vulnerability allows a remote user to compromise the affected system.
The vulnerability exists due to insufficient validation of user-supplied input when processing git fetch remote command. A remote user can migrate a specially crafted repository to the affected Gitea instance and execute arbitrary code on the system.
Remediation
Install updates from vendor's website.