Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2017-1000117

EPSS 76.43% · P99
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2017-1000117

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
A malicious third-party can give a crafted "ssh://..." URL to an unsuspecting victim, and an attempt to visit the URL can result in any program that exists on the victim's machine being executed. Such a URL could be placed in the .gitmodules file of a malicious project, and an unsuspecting victim could be tricked into running "git clone --recurse-submodules" to trigger the vulnerability.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Git 命令注入漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Git是美国软件开发者林纳斯-托瓦兹(Linus Torvalds)所研发的一套免费、开源的分布式版本控制系统。 Git 2.7.5之前的版本中存在命令漏洞。远程攻击者可借助特制的‘ssh://...’URL利用该漏洞运行任意设备已退出的程序。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Shenlong Deep Dive — AI Deep Analysis

10-question deep dive: root cause, exploitation, mitigation, urgency. Read summary free, full version requires login.

Read summary Full analysis (login)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2017-1000117

#POC DescriptionSource LinkShenlong Link
1Proof of concept of CVE-2017-1000117https://github.com/timwr/CVE-2017-1000117POC Details
2Nonehttps://github.com/Manouchehri/CVE-2017-1000117POC Details
3Nonehttps://github.com/thelastbyte/CVE-2017-1000117POC Details
4testhttps://github.com/alilangtest/CVE-2017-1000117POC Details
5Nonehttps://github.com/VulApps/CVE-2017-1000117POC Details
6Check Git's vulnerability CVE-2017-1000117https://github.com/greymd/CVE-2017-1000117POC Details
7Nonehttps://github.com/shogo82148/Fix-CVE-2017-1000117POC Details
8Nonehttps://github.com/sasairc/CVE-2017-1000117_wasawasaPOC Details
9CVE-2017-1000117の検証https://github.com/Shadow5523/CVE-2017-1000117-testPOC Details
10Nonehttps://github.com/ieee0824/CVE-2017-1000117POC Details
11CVE-2017-1000117https://github.com/rootclay/CVE-2017-1000117POC Details
12Experiment of CVE-2017-1000117https://github.com/ieee0824/CVE-2017-1000117-slPOC Details
13Nonehttps://github.com/takehaya/CVE-2017-1000117POC Details
14Nonehttps://github.com/ikmski/CVE-2017-1000117POC Details
15GitのCommand Injectionの脆弱性を利用してスクリプトを落として実行する例https://github.com/nkoneko/CVE-2017-1000117POC Details
16test for CVE-2017-1000117https://github.com/chenzhuo0618/testPOC Details
17Nonehttps://github.com/siling2017/CVE-2017-1000117POC Details
18Nonehttps://github.com/Q2h1Cg/CVE-2017-1000117POC Details
19cve-2017-1000117https://github.com/cved-sources/cve-2017-1000117POC Details
20Nonehttps://github.com/leezp/CVE-2017-1000117POC Details
21CVE-2017-1000117漏洞复现(PoC+Exp)https://github.com/AnonymKing/CVE-2017-1000117POC Details
22Nonehttps://github.com/Jerry-zhuang/CVE-2017-1000117POC Details
23Nonehttps://github.com/chu1337/CVE-2017-1000117POC Details
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2017-1000117

登录查看更多情报信息。

Same Patch Batch · n/a · 2017-10-04 · 55 CVEs total

CVE-2017-1000253Linux kernel 缓冲区错误漏洞
CVE-2017-15025GNU Binutils Binary File Descriptor库安全漏洞
CVE-2017-15020GNU Binutils Binary File Descriptor库缓冲区错误漏洞
CVE-2017-15023GNU Binutils Binary File Descriptor库安全漏洞
CVE-2017-15022GNU Binutils Binary File Descriptor库安全漏洞
CVE-2017-15021GNU Binutils Binary File Descriptor库缓冲区错误漏洞
CVE-2017-15024GNU Binutils Binary File Descriptor库输入验证错误漏洞
CVE-2017-13995iniNet Solutions iniNet Webserver 授权问题漏洞
CVE-2017-13993i-SENS SmartLog Diabetes Management Software 安全漏洞
CVE-2017-12728iniNet Solutions SpiderControl SCADA Web Server 安全漏洞
CVE-2017-14000Ctek SkyRouter Series 4200和4400 授权问题漏洞
CVE-2017-1000120Frappe SQL注入漏洞
CVE-2017-1000119October CMS 安全漏洞
CVE-2017-1000118Akka HTTP 缓冲区错误漏洞
CVE-2017-1000116Mercurial 命令注入漏洞
CVE-2017-1000115Mercurial 后置链接漏洞
CVE-2017-1000114CloudBees Jenkins Datadog Plugin 安全漏洞
CVE-2017-1000113CloudBees Jenkins Deploy to Container插件信息泄露漏洞
CVE-2017-1000112Linux kernel 安全漏洞
CVE-2017-1000111Linux kernel 安全漏洞

Showing top 20 of 55 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2017-1000117

No comments yet

Leave a comment