Git Lfs Remote Command Execution Vulnerability Cve 2020 27955
Git Lfs Remote Command Execution Vulnerability Cve 2020 27955
Git-LFS remote command execution vulnerability CVE-2020-27955
Vulnerability Description
Git LFS is a Git extension developed by Github to implement Git’s support for large files
Some affected products include Git, GitHub CLI, GitHub Desktop, Visual Studio, GitKraden, SmartGit, Sourcetree, etc.
This vulnerability affects only Windows platform
Vulnerability Impact
Git-LFS(git-lfs)<= 2.12
Vulnerability reappears
Run the following command, if the version is within the range of influence, the calculator will pop up
git clone https://github.com/r00t4dm/CVE-2020-27955
Vulnerability POC
https://github.com/r00t4dm/CVE-2020-27955
This post is licensed under CC BY 4.0 by the author.