
Exploit for GitLab CE/EE - Hard-Coded Credentials (CVE-2022-1162)

Description:

GitLab CE/EE contains a hard-coded credentials vulnerability. A hard-coded password was set for accounts registered using an OmniAuth provider (e.g. OAuth, LDAP, SAML), allowing attackers to potentially take over accounts. This template attempts to passively identify vulnerable versions of GitLab, without the need for an exploit, by matching unique hashes for the application-.css file in the header for unauthenticated requests. Positive matches do not guarantee exploitability. Affected versions are 14.7 prior to 14.7.7, 14.8 prior to 14.8.5, and 14.9 prior to 14.9.2.
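
Where the installed version is already known (for example from an asset inventory), the affected ranges above can be checked directly. The following is an added example, not part of the Nuclei template or of GitLab's tooling; the function names, the `not-listed` label and the inventory lines are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the template): flag GitLab versions that fall in the
# affected ranges given in the description: 14.7 before 14.7.7, 14.8 before
# 14.8.5, and 14.9 before 14.9.2.

# Prints "affected", "not-listed" or "unparseable" for one version string.
# Accepts forms such as "14.8.4", "14.8.4-ee" or "v14.9.1".
gitlab_cve_2022_1162_status() {
    v=${1#v}          # drop a leading "v"
    v=${v%%[-+]*}     # drop edition/build suffixes such as "-ee"
    case $v in
        ''|*[!0-9.]*|.*|*.|*..*) echo unparseable; return 0 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $v         # split into major, minor, patch
    IFS=$old_ifs
    [ $# -eq 3 ] || { echo unparseable; return 0; }
    [ "$1" -eq 14 ] || { echo not-listed; return 0; }
    case $2 in        # first fixed patch release for each affected minor line
        7) fixed=7 ;;
        8) fixed=5 ;;
        9) fixed=2 ;;
        *) echo not-listed; return 0 ;;
    esac
    if [ "$3" -lt "$fixed" ]; then echo affected; else echo not-listed; fi
}

# Reads "host version" lines on stdin; prints hosts to patch or to review by hand.
affected_hosts() {
    while read -r host ver; do
        [ -n "$host" ] || continue
        case $(gitlab_cve_2022_1162_status "$ver") in
            affected)    echo "$host $ver affected" ;;
            unparseable) echo "$host $ver unparseable" ;;
        esac
    done
}

# Constructed inventory (hypothetical host names and versions).
affected_hosts <<'EOF'
gitlab-a.example.internal 14.7.6
gitlab-b.example.internal 14.8.5-ee
gitlab-c.example.internal v14.9.1
gitlab-d.example.internal 14.10.0
gitlab-e.example.internal unknown
EOF
```

Hosts reported as `unparseable` need a manual version check; `not-listed` only means the version is outside the ranges stated on this page.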

Nuclei Template

View the template here: CVE-2022-1162.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2022/CVE-2022-1162.yaml

References:

https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-1162.json
https://gitlab.com/gitlab-com/gl-security/threatmanagement/redteam/redteam-public/cve-hash-harvester
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1162
http://packetstormsecurity.com/files/166828/Gitlab-14.9-Authentication-Bypass.html
https://nvd.nist.gov/vuln/detail/cve-2022-1162