Main Vulnerability Database Exploits ID:11799 - Exploit for CRLF injection in Git - CVE-2025-48384

ID:11799 - Exploit for CRLF injection in Git - CVE-2025-48384

Published: July 18, 2025

Vulnerability identifier: #VU112637

Vulnerability risk: Medium

CVE-ID: CVE-2025-48384

CWE-ID: CWE-93

Exploitation vector: Remote access

Vulnerable software:
Git

Link to public exploit:

https://github.com/nguyentranbaotran/cve-2025-48384-poc

Vulnerability description

The vulnerability allows a remote user to compromise the affected system.

The vulnerability exists due to insufficient validation of attacker-supplied data when reading config values. A remote user can pass specially crafted config lines to the application containing CR-LF characters and execute arbitrary code on the system after checkout.

Remediation

Install updates from vendor's website.

ID:11799 - Exploit for CRLF injection in Git - CVE-2025-48384

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human