.. / CVE-2021-22214

Exploit for Gitlab CE/EE 10.5 - Server-Side Request Forgery (CVE-2021-22214)

Description:

GitLab CE/EE versions starting from 10.5 are susceptible to a server-side request forgery vulnerability when requests to the internal network for webhooks are enabled, even on a GitLab instance where registration is limited. The same vulnerability actually spans multiple CVEs, due to similar reports that were fixed across separate patches. These CVEs are CVE-2021-39935, CVE-2021-22214, CVE-2021-22175

Nuclei Template

View the template here CVE-2021-22214.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2021/CVE-2021-22214.yaml

References:

https://docs.gitlab.com/ee/api/lint.html
https://nvd.nist.gov/vuln/detail/CVE-2021-22214
https://vin01.github.io/piptagole/gitlab/ssrf/security/2021/06/15/gitlab-ssrf.html
https://nvd.nist.gov/vuln/detail/CVE-2021-22175
https://nvd.nist.gov/vuln/detail/CVE-2021-39935

.. / CVE-2021-22214 if(localStorage["style"]=="true"){ document.getElementById('pagestyle').setAttribute('href','/assets/styleDark.css'); document.querySelector('input[type="checkbox"]').checked = true }

Exploit for Gitlab CE/EE 10.5 - Server-Side Request Forgery (CVE-2021-22214)

Description:

Nuclei Template

Validate with Nuclei

.. / CVE-2021-22214