CVE-2022-0415

HIGH NUCLEI

gogs <0.12.6 - RCE

Title source: llm

Description

Remote Command Execution in uploading repository file in GitHub repository gogs/gogs prior to 0.12.6.

Nuclei Templates (1)

Gogs <0.12.6 - Remote Command Execution
HIGHVERIFIEDby theamanrawat
Shodan: cpe:"cpe:2.3:a:gogs:gogs" || http.title:"sign in - gogs"
FOFA: title="sign in - gogs"

References (2)

Scores

CVSS v3 8.8
EPSS 0.8961
EPSS Percentile 99.6%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-434 CWE-20
Status published
Products (2)
gogs/gogs < 0.12.6
gogs.io/gogs 0 - 0.12.6Go
Published Mar 21, 2022
Tracked Since Feb 18, 2026