
CVE-2025-10283: BBOT's insufficient sanitization issues in gitdumper.py can lead to RCE

CVSS Score (v3.1): 9.7

Basic Information

EPSS Score: -
Published: 10/9/2025
Updated: 10/9/2025
KEV Status: No
Technology: Python

Technical Details

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

Package Name | Ecosystem | Vulnerable Versions | First Patched Version
bbot         | pip       | < 2.7.0             | 2.7.0

Vulnerability Intelligence
Root Cause Analysis (Miggo AI)

The vulnerability stems from insufficient sanitization of git repositories downloaded by bbot, specifically within the gitdumper.py and git_clone.py modules. The core of the issue was in the GitDumper.sanitize_config function, which attempted to neutralize malicious entries in a .git/config file using a regex blacklist. This approach was inadequate and could be bypassed, allowing for Remote Code Execution (RCE) through specially crafted git configurations.

The vulnerability also involved the handling of the .git/index file, which could be manipulated to cause an arbitrary file write, likewise leading to RCE. The patch addresses both issues by removing the flawed sanitize_config function entirely and introducing a new, more robust sanitization function, sanitize_git_repo. The new function does not try to parse the git files at all; instead, it defensively renames the .git/config and .git/index files and the .git/hooks directory, neutralizing them before any git command that might interpret them (such as git checkout) is executed. The vulnerable functions are those in the workflow that handled the unsanitized repository: the function that performed the insufficient sanitization (sanitize_config), the function that called it (handle_event), and the functions that operated on the repository (git_checkout, clone_git_repository).
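The rename-based approach the patch introduces, shown here as an added illustration in Python rather than BBOT's own sanitize_git_repo; the function signatures, the `.disabled` suffix and the fake repository built in `demo()` are assumptions:

```python
import shutil
import tempfile
from pathlib import Path

# Paths under .git that git interprets on its own (config settings, the index,
# hook scripts). The fix described above renames them instead of parsing them.
DANGEROUS_GIT_PATHS = ("config", "index", "hooks")


def sanitize_git_repo(repo_dir, suffix=".disabled"):
    """Quarantine the interpretable files of a dumped or cloned repository.

    Assumed name and layout, not BBOT's own code. Each path is renamed in place
    so later git commands (e.g. checkout) never read attacker-controlled settings
    or hooks; a hooks directory is moved whole. Returns the list of moved paths.
    """
    git_dir = Path(repo_dir) / ".git"
    if not git_dir.is_dir():
        raise ValueError(f"{repo_dir}: no .git directory to sanitize")
    quarantined = []
    for name in DANGEROUS_GIT_PATHS:
        src = git_dir / name
        if not (src.exists() or src.is_symlink()):  # also catch dangling links
            continue  # partial dump: nothing to neutralise for this entry
        dst = git_dir / (name + suffix)
        if dst.is_symlink() or dst.is_file():
            dst.unlink()  # leftover from an earlier run
        elif dst.is_dir():
            shutil.rmtree(dst)
        src.rename(dst)
        quarantined.append(".git/" + name)
    return quarantined


def is_sanitized(repo_dir):
    """True when none of the interpretable paths remain live under .git."""
    git_dir = Path(repo_dir) / ".git"
    return not any((git_dir / n).exists() or (git_dir / n).is_symlink()
                   for n in DANGEROUS_GIT_PATHS)


def demo():
    """Sanitize a constructed, fake repo (placeholder contents) in a temp dir."""
    with tempfile.TemporaryDirectory() as tmp:
        git_dir = Path(tmp) / ".git"
        (git_dir / "hooks").mkdir(parents=True)
        (git_dir / "config").write_text("[core]\n\trepositoryformatversion = 0\n")
        (git_dir / "index").write_bytes(b"DIRC\x00\x00\x00\x02")
        (git_dir / "hooks" / "post-checkout").write_text("#!/bin/sh\n")
        before = is_sanitized(tmp)
        moved = sanitize_git_repo(tmp)
        return before, moved, is_sanitized(tmp), (git_dir / "config.disabled").is_file()
```

Because nothing is parsed, the check cannot be bypassed by an unusual config syntax; a repository missing some of these paths (a partial dump) is handled by skipping them.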

Vulnerable functions

GitDumper.sanitize_config (bbot/modules/gitdumper.py)
This function was responsible for sanitizing the .git/config file, but its regex-based approach was insufficient to prevent RCE. It was completely removed in the patch, indicating it was the source of the vulnerability.

GitDumper.handle_event (bbot/modules/gitdumper.py)
This function orchestrates the git repository processing and previously called the vulnerable sanitize_config function. An attacker would trigger this function to exploit the vulnerability.

GitDumper.git_checkout (bbot/modules/gitdumper.py)
This function executed git checkout on a potentially unsanitized repository. A malicious .git/config or .git/index file could be leveraged during this operation to achieve RCE. The patch adds a call to the new sanitization function before running the command.

GitClone.clone_git_repository (bbot/modules/git_clone.py)
This function clones a git repository from a given URL. It was a vulnerable entry point because it would download a malicious repository without sanitizing it, leading to the execution of the other vulnerable functions. The patch adds a call to the new sanitization function immediately after cloning.

Summary

BBOT's `gitdumper.py` insufficiently sanitises a `.git/config` file, leading to Remote Code Execution (RCE). BBOT's `gitdumper.py` can be made to consume a malicious `.git/index` file, leading to arbitrary file write which can be used t
