CVE-2018-25083

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions pullit versions prior to 1.4.0

Description The issue allows OS Command Injection because eval() is used on an attacker-supplied Git branch name. The package does not validate input on git branch names and concatenates it to an exec call, allowing attackers to run arbitrary commands in the system.

Recommendations Upgrade to version 1.4.0 or later. As a temporary workaround, consider disabling the use of eval() on attacker-supplied Git branch names until a patch is available. Restrict access to the exec call with unvalidated git branch names to minimize the risk of exploitation.

Exploit

Fix

Command Injection

OS Command Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-77CWE-78

Related Identifiers

CVE-2018-25083

GHSA-2W9P-XF5H-QWJ3

GHSA-8PX5-63X9-5C7P

Affected Products

Pullit

CVE-2018-25083

Weakness Enumeration

Related Identifiers

Affected Products

References · 12