CVE-2022-25912: simple-git vulnerable to Remote Code Execution when enabling the ext transport protocol

CVSS Score (v3.1): 8.1

Basic Information

EPSS Score: 0.97313%
Published: 12/6/2022
Updated: 8/17/2023
KEV Status: No
Technology: JavaScript

Technical Details

CVSS Vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Package Name   Ecosystem   Vulnerable Versions   First Patched Version
simple-git     npm         < 3.15.0              3.15.0

Vulnerability Intelligence
Root Cause Analysis (Miggo AI)

The vulnerability stems from the clone() method passing caller-supplied git configuration arguments through to `git clone` unchecked. git disables the `ext` transport by default (`protocol.ext.allow` is effectively `never`), but a configuration argument such as `-c protocol.ext.allow=always` supplied through clone() re-enables it, and a repository URL of the form `ext::<command>` then makes git execute that command with the privileges of the calling process. This is why the issue is classified as CWE-78 (OS Command Injection) rather than as a memory-safety or deserialization bug, and why the advisory describes it as exploitable "when enabling the ext transport protocol": an attacker needs influence over the URL and the protocol has to have been enabled, which is consistent with the CVSS AC:H rating. The commit diff changes how these configuration arguments are handled: 3.15.0 rejects `-c` arguments that set `protocol.allow` or `protocol.<scheme>.allow` unless the caller explicitly opts in through the new `unsafe.allowUnsafeProtocolOverride` option, which confirms that the vulnerable pattern lived in clone()'s argument handling.
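The pattern described above, as an added illustration in plain JavaScript: a pre-flight guard that a caller of any git wrapper can apply to the repository URL and extra arguments before they reach clone(). This is example code, not simple-git's implementation, and it does not call simple-git. The function and class names (guardCloneArgs, isUnsafeRepoUrl, extractConfigValues, GitArgumentError) and the sample inputs are this example's own; the `allowUnsafeProtocolOverride` option is named after the simple-git setting for readability only. The git behaviour it relies on (an `ext::` URL runs a command, `-c`/`--config` set configuration, a command-line `-c` outranks repository-level config) is documented git behaviour.

```javascript
// Added example, not simple-git's own code: a pre-flight guard for the two
// inputs CVE-2022-25912 depends on, the repository URL and caller-supplied
// configuration arguments. All names here are hypothetical.

class GitArgumentError extends Error {
  constructor(message) {
    super(message);
    this.name = 'GitArgumentError';
  }
}

// Transports we are willing to clone from. Remote helpers such as ext:: are
// handled separately below and are never allowed.
const ALLOWED_SCHEMES = new Set(['https', 'ssh', 'git', 'file']);

// Any config setting that turns the ext transport back on, directly
// (protocol.ext.allow) or via the catch-all (protocol.allow). "user" also
// permits ext when git believes it was started interactively.
const UNSAFE_CONFIG = /^protocol\.(ext\.)?allow\s*=\s*(always|user)$/i;

// Collects every key=value supplied through git's -c / --config spellings:
// "-c k=v", "-ck=v", "--config k=v" and "--config=k=v".
function extractConfigValues(args) {
  const values = [];
  for (let i = 0; i < args.length; i++) {
    const a = String(args[i]);
    if (a === '-c' || a === '--config') {
      if (i + 1 < args.length) values.push(String(args[++i]));
    } else if (a.startsWith('--config=')) {
      values.push(a.slice('--config='.length));
    } else if (a.startsWith('-c') && a.length > 2) {
      values.push(a.slice(2));
    }
  }
  return values;
}

// True when git would treat the URL as something other than an allowed
// scheme. "<helper>::<address>" invokes a remote helper; for ext:: the
// address is run as a command, which is the RCE in this advisory.
function isUnsafeRepoUrl(repo) {
  const s = String(repo).trim();
  if (/^[A-Za-z0-9-]+::/.test(s)) return true;
  const m = s.match(/^([A-Za-z][A-Za-z0-9+.-]*):\/\//);
  if (!m) return false; // scp-like "user@host:path" or a local path: no scheme to abuse
  return !ALLOWED_SCHEMES.has(m[1].toLowerCase());
}

// Builds the argv for `git clone`, refusing the URL/config combinations that
// re-enable ext unless the caller opts in.
function guardCloneArgs(repo, args = [], { allowUnsafeProtocolOverride = false } = {}) {
  if (isUnsafeRepoUrl(repo)) {
    throw new GitArgumentError(`refused repository URL with a blocked transport: ${repo}`);
  }
  if (!allowUnsafeProtocolOverride) {
    const bad = extractConfigValues(args).filter((v) => UNSAFE_CONFIG.test(v));
    if (bad.length > 0) {
      throw new GitArgumentError(`refused unsafe git config override: ${bad.join(', ')}`);
    }
  }
  // Belt and braces when no override is permitted: a command-line -c placed
  // before the subcommand outranks the repository-level config that clone's
  // own --config writes, so a spelling the filter missed still cannot win.
  // "--" stops a URL beginning with "-" from being parsed as an option.
  const policy = allowUnsafeProtocolOverride ? [] : ['-c', 'protocol.ext.allow=never'];
  return [...policy, 'clone', ...args, '--', repo];
}

// Constructed sample inputs (not taken from the advisory).
const SAMPLES = [
  { repo: 'https://example.invalid/app.git', args: ['--depth', '1'] },
  { repo: 'ext::sh -c id', args: [] },
  { repo: 'https://example.invalid/app.git', args: ['--config', 'protocol.ext.allow=always'] },
];

for (const { repo, args } of SAMPLES) {
  try {
    console.log('allowed :', guardCloneArgs(repo, args).join(' '));
  } catch (e) {
    console.log('rejected:', e.message);
  }
}
```

The guard only covers what arrives as arguments. git also reads configuration from the environment (GIT_CONFIG_PARAMETERS and the GIT_CONFIG_* variables) and from global and system config files, so those must stay out of an attacker's reach as well; the pinned `-c protocol.ext.allow=never` protects against the file-based sources but not against an attacker who controls the process environment.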

WAF Protection Rules

WAF Rule

The package simple-git before 3.15.0 is vulnerable to Remote Code Execution (RCE) when enabling the `ext` transport protocol, which makes it exploitable via the `clone()` method. This vulnerability exists due to an incomplete fix of CVE-2022-24433.
