module
Sourcegraph gitserver sshCommand RCE
| Disclosed | Created |
|---|---|
| 2022-02-18 | 2022-07-16 |
Disclosed
2022-02-18
Created
2022-07-16
Description
A vulnerability exists within Sourcegraph's gitserver component that allows a remote attacker to execute
arbitrary OS commands by modifying the core.sshCommand value within the git configuration. This command can
then be triggered on demand by executing a git push operation. The vulnerability was patched by introducing a
feature flag in version 3.37.0. This flag must be enabled for the protections to be in place which filter the
commands that are able to be executed through the git exec REST API.
arbitrary OS commands by modifying the core.sshCommand value within the git configuration. This command can
then be triggered on demand by executing a git push operation. The vulnerability was patched by introducing a
feature flag in version 3.37.0. This flag must be enabled for the protections to be in place which filter the
commands that are able to be executed through the git exec REST API.
Authors
Altelus1
Spencer McIntyre
Spencer McIntyre
Platform
Linux,Unix
Architectures
cmd, x86, x64
References
Module Options
To display the available options, load the module within the Metasploit console and run the commands ‘show options’ or ‘show advanced’:
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.