CVE-2022-1884 Information

Description

A remote command execution vulnerability exists in gogs/gogs versions <=0.12.7 when deployed on a Windows server. The vulnerability arises due to improper validation of the tree_path parameter during file uploads. An attacker can set tree_path=.git. to upload a file into the .git directory allowing them to write or rewrite the .git/config file. If the core.sshCommand is set this can lead to remote command execution.

Reference

https://huntr.com/bounties/9cd4e7b7-0979-4e5e-9a1c-388b58dea76b