CVE-2020-27955

Description from NVD

Git LFS 2.12.0 allows Remote Code Execution.

Information Acquisition Date:2021-04-27T10:52Z
CVSS 2.0: 10.0 HIGH CVSS 3.x: 9.8 CRITICAL

▼ CVSS3 Vec CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

▼ CVSS2 Vec AV:N/AC:L/Au:N/C:C/I:C/A:C

NVD References

 https://legalhackers.com/advisories/Git-LFS-RCE-Exploit-CVE-2020-27955.html
     source:MISC
     tags:Exploit    Exploit    Third Party Advisory    Third Party Advisory    
 https://legalhackers.com
     source:MISC
     tags:Third Party Advisory    Third Party Advisory    
 https://exploitbox.io
     source:MISC
     tags:Exploit    Third Party Advisory    
 https://github.com/git-lfs/git-lfs/releases
     source:MISC
     tags:Release Notes    Release Notes    Third Party Advisory    
 20201105 Git LFS (git-lfs) - Remote Code Execution (RCE) exploit CVE-2020-27955 - Clone to Pwn
     source:FULLDISC
     tags:Exploit    Exploit    Third Party Advisory    Third Party Advisory    
 http://packetstormsecurity.com/files/159923/git-lfs-Remote-Code-Execution.html
     source:MISC
     tags:Exploit    Third Party Advisory    

Refer to Information on External Sites

CVE InfomationExploits or more Infomation
mitreEXPLOIT DATABASE
NVD0day.today
vulmon.comgithub
CVE DetailsTwitter
JVN ENG JPN
Reconshell

Software Tag:

List of frequently cited URLs

URLNum of Times Referred to
https://alerts.vulmon.com/?utm_source=twitter&utm_medium=so...308
https://github.com/ExploitBox/git-lfs-RCE-exploit-CVE-2020-...4
https://twitter.com/Exploit_Box/status/13241982388875141124
https://legalhackers.com/advisories/Git-LFS-RCE-Exploit-CVE...4
https://ift.tt/3pbhDxM3
https://medium.com/bugbountywriteup/git-lfs-exploit-for-rem...3
http://seclists.org/fulldisclosure/2020/Nov/13
https://exploitbox.io3
http://feedproxy.google.com/~r/HelpNetSecurity/~3/nXCLukSlayo/3
https://www.helpnetsecurity.com/2020/11/05/cve-2020-27955/3

Information from Twitter

User URL Info Source Date
buaqbot https://ift.tt/AuGJYFy Source buaqbot          1578959513591328776 2022/10/09
buaqbot https://ift.tt/V9osZqB Source buaqbot          1578959513591328776 2022/10/09

List of frequently cited URLs

URLNum of Times Referred to
alerts.vulmon.com308
github.com4
twitter.com4
legalhackers.com4
ift.tt3
medium.com3
seclists.org3
exploitbox.io3
feedproxy.google.com3
www.helpnetsecurity.com3

Information from Twitter

User URL Info Source
buaqbot ift.tt Show Tweet
buaqbot ift.tt Show Tweet
GitHub Search Results: Up to 10
NameURL
ExploitBox/git-lfs-RCE-exploit-CVE-2020-27955 https://github.com/ExploitBox/git-lfs-RCE-exploit-CVE-2020-27955
ExploitBox/git-lfs-RCE-exploit-CVE-2020-27955-Go https://github.com/ExploitBox/git-lfs-RCE-exploit-CVE-2020-27955-Go
r00t4dm/CVE-2020-27955 https://github.com/r00t4dm/CVE-2020-27955
yhsung/cve-2020-27955-poc https://github.com/yhsung/cve-2020-27955-poc
GitHub Search Results: Up to 10
NameURL
ExploitBox/git-lfs-RCE-exploit-CVE-2020-27955 github.com
ExploitBox/git-lfs-RCE-exploit-CVE-2020-27955-Go github.com
r00t4dm/CVE-2020-27955 github.com
yhsung/cve-2020-27955-poc github.com
2022/10/09 Score : 1
Added Har-sia Database : 2020/11/05
Last Modified : 2022/10/09
Highest Scored Date : 2020/11/06
Highest Score : 48