Alert! Hackers Exploiting GitLab Unauthenticated RCE Flaw in the Wild


A now-patched critical remote code execution vulnerability in GitLab’s web interface has been detected as actively exploited in the wild, cybersecurity researchers warn, rendering a large number of internet-facing GitLab instances susceptible to attacks.

The vulnerability, which affects all versions starting from 11.9, has since been addressed by GitLab on April 14, 2021 in versions 13.8.8, 13.9.6, and 13.10.3.

In one of the real-world attacks detailed by HN Security last month, two user accounts with admin privileges were registered on a publicly-accessible GitLab server belonging to an unnamed customer by exploiting the aforementioned flaw to upload a malicious payload that leads to remote execution of arbitrary commands, including obtaining elevated permissions.

Despite the public availability of the patches for more than six months, of the 60,000 internet-facing GitLab installations, only 21% of the instances are said to be fully patched against the issue, with another 50% still vulnerable to RCE attacks.

In light of the unauthenticated nature of this vulnerability, exploitation activity is expected to increase, making it critical that GitLab users update to the latest version as soon as possible.
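To turn the version information above into a triage check for an inventory of self-hosted instances, here is an added example (not code from the article or from GitLab). It classifies a GitLab version string as not affected, vulnerable or patched using the fixed releases named above (13.8.8, 13.9.6, 13.10.3) and the 11.9 lower bound; it assumes that every release line after 13.10 carries the fix, and the sample hostnames are constructed.

```python
"""Classify GitLab version strings against the fix versions named in the article."""
import re

# Fix versions stated in the article; the flaw affects releases from 11.9 onward.
FIRST_AFFECTED = (11, 9, 0)
FIXED_VERSIONS = {(13, 8): (13, 8, 8), (13, 9): (13, 9, 6), (13, 10): (13, 10, 3)}
# Assumption (not stated in the article): every release line after 13.10 carries the fix.
FIRST_FIXED_LINE = (13, 11)


def parse_version(text):
    """Turn '13.10.2-ee' or 'v13.9.6' into (13, 10, 2); edition suffixes are dropped."""
    m = re.match(r"v?(\d+)\.(\d+)(?:\.(\d+))?", text.strip())
    if not m:
        raise ValueError(f"unrecognised GitLab version: {text!r}")
    major, minor, patch = m.group(1), m.group(2), m.group(3) or "0"
    return (int(major), int(minor), int(patch))


def status(text):
    """Return 'not_affected', 'vulnerable' or 'patched' for one version string."""
    v = parse_version(text)
    if v < FIRST_AFFECTED:
        return "not_affected"
    line = v[:2]
    if line in FIXED_VERSIONS:
        # Backported fix exists on this release line: compare against it.
        return "patched" if v >= FIXED_VERSIONS[line] else "vulnerable"
    if line >= FIRST_FIXED_LINE:
        return "patched"
    return "vulnerable"  # 11.9 .. 13.7: no fixed release exists on these lines


def triage(inventory):
    """Map each (host, version) pair, e.g. from an asset inventory export, to its status."""
    return {host: status(version) for host, version in inventory}


if __name__ == "__main__":
    # Constructed sample inventory; these are not real hosts.
    sample = [("git-a.example", "13.10.2-ee"), ("git-b.example", "13.10.3"),
              ("git-c.example", "13.7.9"), ("git-d.example", "11.8.1"),
              ("git-e.example", "14.0.0")]
    for host, result in triage(sample).items():
        print(f"{host}: {result}")
```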

“Ideally, GitLab should not be an internet-facing service,” the researchers said.
