GitHub CLI vulnerable to Remote Code Execution through Malicious SSH Server
CVE-2024-52308

9.6CRITICAL

Key Information:

Vendor: GitHub
Status: Cli
Vendor: CVE Published:; 14 November 2024

Summary

A remote code execution vulnerability has been identified in GitHub CLI versions 2.6.1 and earlier, potentially allowing attackers to execute arbitrary code on users' machines. This vulnerability manifests when developers connect to remote codespaces via an SSH server that may contain malicious code. Specifically, an attacker can exploit this flaw through modified SSH connection details, compromising commands like gh codespace ssh or gh codespace logs. By injecting malicious parameters into the remote username, it is possible for the SSH client to unwittingly execute harmful commands. The vulnerability has been mitigated in GitHub CLI version 2.62.0, which now incorporates input validation for the remote username to prevent exploitation.

References

https://github.com/cli/cli/security/advisories/GHSA-p2h2-...

CVSS V3.1

Score:

9.6

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Nov 14, 2024