Improper Symbolic Link Handling in Gogs Product by Gogs Team
CVE-2025-8110
Key Information:
Badges
What is CVE-2025-8110?
CVE-2025-8110 is a significant vulnerability found in the Gogs software, an open-source platform designed for managing Git repositories. This vulnerability is related to how the PutContents API handles symbolic links improperly, allowing for local code execution. If exploited, this flaw could grant an attacker the ability to execute arbitrary code on the server hosting Gogs, potentially compromising the integrity of the system and the security of the data contained within it. This is particularly concerning in environments where Gogs is utilized for collaborative software development, as it could lead to a disruption in operations and the unauthorized modification of critical codebases.
Potential impact of CVE-2025-8110
-
Unauthorized Code Execution: The primary risk associated with this vulnerability is the ability for malicious actors to execute code on the affected system. This could lead to unauthorized access and manipulation of sensitive information stored in Git repositories.
-
System Compromise: Successful exploitation of CVE-2025-8110 could compromise the entire server where Gogs is hosted, allowing attackers to install malware, create backdoors for future access, and potentially escalate their privileges to take control of other systems within the network.
-
Operational Disruption: The vulnerability could lead to significant business disruptions, especially in organizations relying on Gogs for their software development processes. Downtime or data loss could impact development timelines and overall productivity, leading to financial losses and reputational damage.
CISA has reported CVE-2025-8110
CISA provides regional cyber and physical services to support security and resilience across the United States. CISA monitor the most dangerious vulnerabilities and have identifed CVE-2025-8110 as being exploited but is not known by the CISA to be used in ransomware campaigns. This is subject to change at pace as recent news articles suggest the vulnerability is being used by ransomware groups.
The CISA's recommendation is: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.
Affected Version(s)
Gogs Linux 0 <= 0.13.3
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.
News Articles
Gogs patches critical zero-day enabling remote code execution
Gogs has patched a critical security zero-day flaw that can allow attackers to compromise Internet-facing instances and access any repositories (including private ones).
2 weeks ago
New Gogs zero-day flaw lets hackers get remote code execution
An unpatched zero-day vulnerability in the Gogs self-hosted Git service can allow attackers to gain remote code execution (RCE) on Internet-facing instances.
1 month ago
TechInformedCVE-2025-8110Microsoft’s January Patch Tuesday fixes 112 vulnerabilities - TechInformed
Microsoft’s January 2026 Patch Tuesday fixed 112 vulnerabilities across Windows and other products (114 when including Chromium-related updates), including an
References
EPSS Score
76% chance of being exploited in the next 30 days.
CVSS V4
Timeline
- 🦅
CISA Reported
- 🟡
Public PoC available
- 📈
Vulnerability started trending
- 💰
Used in Ransomware
- 👾
Exploit known to exist
- 📰
First article discovered by wiz.io
Vulnerability published
Vulnerability Reserved