CVE-2022-1884OS Command Injection in Gogs

CWE-78OS Command InjectionCWE-77Command Injection4 documents3 sources
Severity
9.8CRITICALNVD
EPSS
12.8%
top 5.97%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Gogs.io GogsGogs GogsGogs
Timeline
Latest updateAug 21
PublishedNov 15

Description

A remote command execution vulnerability exists in gogs/gogs versions <=0.12.7 when deployed on a Windows server. The vulnerability arises due to improper validation of the `tree_path` parameter during file uploads. An attacker can set `tree_path=.git.` to upload a file into the .git directory, allowing them to write or rewrite the `.git/config` file. If the `core.sshCommand` is set, this can lead to remote command execution.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages3 packages

Gogogs.io/gogs< 0.12.8
NVDgogs/gogs0.12.7
CVEListV5gogs/gogs_gogsunspecifiedlatest

🔴Vulnerability Details

3
OSV
OS Command Injection in gogs in gogs.io/gogs2024-08-21
OSV
OS Command Injection in gogs2022-06-02
GHSA
OS Command Injection in gogs2022-06-02