by vicarius
log in join community
by @Smartkeyss
27 May 2024
#novel_exploit_analysis

An exploitation of a CVE vulnerability that has no prior exploit

publish

Untrusted search path in GitPython (CVE-2024-22190) - exploit

by @Smartkeyss
by @Smartkeyss
27 May 2024
#novel_exploit_analysis

An exploitation of a CVE vulnerability that has no prior exploit

publish

Untrusted search path in GitPython (CVE-2024-22190) - exploit

OS

W12
Windows 11 23H2Microsoft
10.0.22631.6199.*
10.0.22631.6199.*
10.0.22631.6060.*
10.0.22631.6060.*
10.0.22631.5909.*
10.0.22631.5909.*
10.0.22631.5900.*
10.0.22631.5900.*
10.0.22631.5768.*
10.0.22631.5768.*

Apps

G
GitpythonGitpython Project
3.1.41.*
3.1.40.*
3.1.36.*
3.1.35.*
3.1.34.*
3.1.29.*
3.1.31.*
3.1.32.*
3.1.33.*
3.1.30.*

PoC video

Summary

An untrusted search path was found in GitPython which could lead to remote code execution using git.exe or bash.exe. Users are advised to update to version 3.1.41 or newer.

general

Description

Tags

#RCE#exposed_to_RCE_attack#CVE-2024-22190#novel_exploit_analysis#gitpython
users/photos/clsevlral8gef1hon15grbvup.jpg

@Smartkeyss

63 posts

I am just curious 😊 I use simple words to explain complicated things. discord: @rxs_s

Total vcoins

0

Social media links

Comments (0)