Gitea Git Fetch Remote Code Execution

Posted on 17 November 2022

This Metasploit module exploits the Git fetch command in the Gitea repository migration process to allow for remote command execution on the system. This vulnerability affect Gitea versions prior to 1.16.7.