CVE-2024-55947
Gogs has a Path Traversal in file update API
In short
Gogs has a flaw that lets a logged-in user write files anywhere on the server through its file update API, which can be used to gain unauthorized SSH access to the host.
Technical detail
A path traversal vulnerability (CWE-22) in Gogs' file update API allows an authenticated user (the CVSS vector below rates it PR:L, low privileges) to write a file to an arbitrary path on the server's filesystem, outside the repository the request targets. The advisory names SSH access as the outcome: a file written into an SSH configuration location on the host lets the attacker log in, which amounts to remote code execution. Exploitation requires access to the file update endpoint; the flaw is fixed in version 0.13.1 and later.
Summary generated and translated by AI from the official description.
Gogs is an open source self-hosted Git service. A malicious user is able to write a file to an arbitrary path on the server to gain SSH access to the server. The vulnerability is fixed in 0.13.1.
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
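The bug class above, shown as an added Go example that is not Gogs' code: the vulnerable shape joins a user-supplied tree path to the repository directory with no containment check, so a path containing `..` resolves outside the repository; the hardened version cleans the path and verifies that the result still sits under the repository root. The function names, the repository directory and the sample paths are assumptions constructed for this illustration.

```go
package main

import (
	"errors"
	"fmt"
	"path/filepath"
	"strings"
)

var errTraversal = errors.New("path escapes repository root")

// vulnerableResolve has the shape of a CWE-22 bug: the tree path taken from
// the request is joined to the repository directory and used as-is. Join
// cleans the path, but cleaning does not stop ".." from climbing above root.
// (Hypothetical code, not the Gogs handler.)
func vulnerableResolve(repoRoot, userPath string) string {
	return filepath.Join(repoRoot, userPath)
}

// safeResolve rejects absolute paths and NUL bytes, joins and cleans the
// path, and then checks that the result is relative to the root without a
// leading ".." component. A name such as "..hidden" is a legitimate file and
// must still be accepted, so the check looks for ".." as a whole component,
// not for a ".." prefix of the string.
func safeResolve(repoRoot, userPath string) (string, error) {
	root := filepath.Clean(repoRoot)
	if filepath.IsAbs(userPath) || strings.ContainsRune(userPath, 0) {
		return "", errTraversal
	}
	full := filepath.Join(root, userPath)
	rel, err := filepath.Rel(root, full)
	if err != nil {
		return "", errTraversal
	}
	if rel == ".." || strings.HasPrefix(rel, ".."+string(filepath.Separator)) {
		return "", errTraversal
	}
	return full, nil
}

func main() {
	// Constructed sample values; the directory layout is an assumption.
	root := "/srv/gogs/repositories/alice/project"
	for _, p := range []string{
		"docs/../README.md",              // normal edit, stays inside
		"..hidden/notes.txt",             // odd name, still inside
		"../../../.ssh/authorized_keys",  // traversal out of the repository
		"/etc/cron.d/backdoor",           // absolute path
	} {
		fmt.Printf("%-32s vulnerable=%s\n", p, vulnerableResolve(root, p))
		if full, err := safeResolve(root, p); err != nil {
			fmt.Printf("%-32s safe=REJECTED (%v)\n", p, err)
		} else {
			fmt.Printf("%-32s safe=%s\n", p, full)
		}
	}
}
```

The containment check works on the cleaned lexical path only; if the repository tree can contain symlinks that point outside it, resolve the final path with `filepath.EvalSymlinks` and repeat the same check on the result before opening the file for writing.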
Affected products
gogs · gogs