CVE-2021-39159: remote code execution via git repo provider

CVSS Score
9.7 (CVSS v3.1)

Basic Information

EPSS Score
0.78965%
Published
8/30/2021
Updated
9/13/2024
KEV Status
No
Technology
Python

Technical Details

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Package Name
binderhub
Ecosystem
pip
Vulnerable Versions
< 0.2.0
First Patched Version
0.2.0

Vulnerability Intelligence

Root Cause Analysis (Miggo AI)

The vulnerability stems from improper argument handling in the construction of the git ls-remote command. The original code lacked the '--' separator between options and positional arguments, so user-controlled input beginning with '-' could be interpreted by git as a command option. The patched version adds '--', which tells git to stop option parsing and treat everything after it as a positional argument. The function get_resolved_ref in GitRepoProvider is directly responsible for this insecure command construction, making it the vulnerable entry point. Confidence is high because the patch explicitly addresses this specific code location with a well-known command injection prevention technique.
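The two argv shapes described above, side by side, as an added example that is not BinderHub's or Miggo's code: a small model of git's option parsing shows why the '--' separator changes how a ref is interpreted, and a hypothetical allowlist check adds defence in depth. All function names, the option string and the sample URL are assumptions for illustration.

```python
import re
import subprocess


def build_ls_remote_argv(repo_url: str, ref: str, hardened: bool = True) -> list[str]:
    """Argv passed to subprocess with shell=False, as a provider would do.

    hardened=False is the shape the advisory describes: without '--', a ref
    beginning with '-' reaches git as an option.  hardened=True is the patched
    shape: '--' ends option parsing, so repo and ref are always positional."""
    argv = ["git", "ls-remote"]
    if hardened:
        argv.append("--")
    return argv + [repo_url, ref]


def classify_tokens(argv: list[str]) -> tuple[list[str], list[str]]:
    """Minimal model of getopt-style parsing: tokens beginning with '-' are
    options until the first '--'; everything after '--' is positional.
    Returns (options, positionals) for the tokens after 'git ls-remote'."""
    options, positionals, stop = [], [], False
    for tok in argv[2:]:
        if not stop and tok == "--":
            stop = True
        elif not stop and tok.startswith("-"):
            options.append(tok)
        else:
            positionals.append(tok)
    return options, positionals


def is_safe_ref(ref: str) -> bool:
    """Defence in depth on top of '--': a hypothetical allowlist, narrower than
    git's own check-ref-format, rejecting empty refs, a leading '-' and '..'."""
    if not ref or ".." in ref:
        return False
    return re.fullmatch(r"[A-Za-z0-9][A-Za-z0-9._/+-]*", ref) is not None


def resolve_ref(repo_url: str, ref: str) -> str:
    """Validate the ref, then run the hardened command and return git's stdout."""
    if not is_safe_ref(ref):
        raise ValueError(f"refusing suspicious ref: {ref!r}")
    proc = subprocess.run(build_ls_remote_argv(repo_url, ref),
                          capture_output=True, text=True, check=True)
    return proc.stdout
```

With hardened=False the constructed ref "--hypothetical-option" lands in the options list; with '--' in place it is classified as a positional argument, which is exactly the difference the patch makes.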

Vulnerable functions

WAF Protection Rules

WAF Rule

Impact
A remote code execution vulnerability has been identified in BinderHub, where providing BinderHub with maliciously crafted input could execute code in the BinderHub context, with the potential to egress credentials of the BinderHub deploy