ATTACK [PTsecurity] GitLab Arbitrary File Read (CVE-2023-2825)

SID: 10008999Rev: 232 views
History
Sourceptrules/open
CreatedJuly 24, 2025
UpdatedJuly 24, 2025
Classificationattempted-admin
alert http any any -> any any (msg:"ATTACK [PTsecurity] GitLab Arbitrary File Read (CVE-2023-2825)"; flow:established, to_server; http.uri.raw; content:"/uploads/"; nocase; content:"%2f..%2f"; nocase; distance:0; pcre:"/\/+([a-zA-Z0-9_-]+\/+){5,}uploads\/+/I"; reference:url, labs.watchtowr.com/gitlab-arbitrary-file-read-gitlab-cve-2023-2825-analysis; reference:cve, 2023-2825; reference:url, rules.ptsecurity.com; classtype:attempted-admin; sid:10008999; rev:2;)

References

urllabs.watchtowr.com/gitlab-arbitrary-file-read-gitlab-cve-2023-2825-analysis
cve2023-2825
urlrules.ptsecurity.com

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!