Bonobo Git Server Flaw Allows Execution of Arbitrary Commands
Vulnerability Details
The GitController in Jakub Chodounsky Bonobo Git Server before 650 allows execution of arbitrary commands in the context of the web. The vulnerability exists due to improper handling of HTTP requests. An attacker can exploit this vulnerability by sending a specially crafted HTTP request to the target server. Successful exploitation could allow the attacker to execute arbitrary commands on the target server.
Affected Versions
The following versions of Bonobo Git Server are affected by this vulnerability:
- before 650
Mitigation
To mitigate this vulnerability, users should upgrade to Bonobo Git Server version 650 or later.
Komentar