Main Vulnerability Database Exploits ID:10414 - Exploit for Input validation error in Git for Windows - CVE-2023-29007

ID:10414 - Exploit for Input validation error in Git for Windows - CVE-2023-29007

Published: August 16, 2024

Vulnerability identifier: #VU75486

Vulnerability risk: Low

CVE-ID: CVE-2023-29007

CWE-ID: CWE-20

Exploitation vector: Remote access

Vulnerable software:
Git for Windows

Link to public exploit:

https://github.com/ethiack/CVE-2023-29007

Vulnerability description

The vulnerability allows an attacker to tamper with Git configuration.

The vulnerability exists due to insufficient input validation in "git submodule deinit" when renaming or deleting a section from a configuration file. A remote attacker can trick the victim into running the command a malicious configuration file and tamper with Git configuration on the affected system.

Remediation

Install updates from vendor's website.

ID:10414 - Exploit for Input validation error in Git for Windows - CVE-2023-29007

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human