CVE-2021-22205

Vulnerability updated 4 months ago (2024-05-04T21:17:41.599Z)
CVE-2021-22205 is a significant vulnerability in GitLab that allows remote code execution. It has been assigned the highest severity score (CVSS score: 10.0) due to its potential impact. The bug, which is now two years old, continues to be actively exploited by threat actors despite its disclosure and subsequent patching efforts.

The cybercriminal group known as Gold Melody has previously been linked to attacks exploiting this and other security flaws, including those in JBoss Messaging, Citrix ADC, Oracle WebLogic, Citrix ShareFile Storage Zones Controller, Atlassian Confluence, ForgeRock AM, and Apache Log4j servers. Specifically, they have weaponized CVE-2021-22205, using it for propagation alongside other vulnerabilities such as one found in Lilin DVR systems.

The latest developments indicate an expansion of Gold Melody's exploit arsenal with the addition of CVE-2023-25717. This suggests that the group is actively seeking to ensnare more devices into its botnet, leveraging a range of vulnerabilities across different platforms. The ongoing exploitation of CVE-2021-22205 underscores the importance of timely patching and robust cybersecurity measures to mitigate these threats.
Description last updated: 2024-05-04T20:36:53.606Z
Source Document References
Information about the CVE-2021-22205 Vulnerability was read from the documents corpus below.
| Source | Created | Title |
| --- | --- | --- |
| CERT-EU | a year ago | GitLab Releases Urgent Security Patches for Critical Vulnerability \| #hacking \| #cybersecurity \| #infosec \| #comptia \| #pentest \| #hacker \| National Cyber Security Consulting |
| CERT-EU | a year ago | Cyber Group 'Gold Melody' Selling Compromised Access to Ransomware Attackers |
| CERT-EU | a year ago | Hackers Deployed never-before-seen Linux Malware Attacking Government Entities |
| Securityaffairs | a year ago | Earth Lusca expands its arsenal with SprySOCKS Linux malware |
| Trend Micro | a year ago | Earth Lusca Employs New Linux Backdoor, Uses Cobalt Strike for Lateral Movement |
| CERT-EU | a year ago | GitLab vulnerability leveraged in LABRAT cryptojacking, proxyjacking operation |
| CERT-EU | a year ago | Stealthy ‘LabRat’ Campaign Abuses TryCloudflare to Hide Infrastructure |
| InfoSecurity-magazine | a year ago | Proxyjacking and Cryptomining Campaign Targets GitLab |
| CISA | 2 years ago | Top CVEs Actively Exploited By People’s Republic of China State-Sponsored Cyber Actors \| CISA |
| CISA | 2 years ago | Top CVEs Actively Exploited By People’s Republic of China State-Sponsored Cyber Actors \| CISA |
| CERT-EU | a year ago | Andoryu Botnet Exploits Critical Ruckus Wireless Flaw for Widespread Attack |