logo

Database

Insecure file upload In gogs.io/gogs

Description

Unrestricted Upload of File with Dangerous Type in Gogs

Impact

The malicious user is able to upload a crafted config file into repository's .git directory with to gain SSH access to the server. All installations with repository upload enabled (default) are affected.

Patches

Repository file uploads are prohibited to its .git directory. Users should upgrade to 0.12.6 or the latest 0.13.0+dev.

Workarounds

Disable repository files upload.

References

https://huntr.dev/bounties/b4928cfe-4110-462f-a180-6d5673797902/

For more information

If you have any questions or comments about this advisory, please post on #6833.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem
Package
Affected version
Patched versions

Aliases

1. CVE-2022-04152. NVD-2022-04153. OSV-2022-04154. GHSA-5gjh-5j4f-cpwv5. GCVE-2022-0415

References

1. https://github.com/gogs/gogs/security/advisories/GHSA-5gjh-5j4f-cpwv2. https://github.com/gogs/gogs/issues/68333. https://github.com/gogs/gogs/pull/68384. https://github.com/gogs/gogs/commit/0fef3c9082269e9a4e817274942a5d7c506172845. https://huntr.dev/bounties/b4928cfe-4110-462f-a180-6d56737979026. https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2022/CVE-2022-0415.yaml

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.

FLAT-3V2BP – Vulnerability | Fluid Attacks Database