Main Vulnerability Database Exploits ID:11847 - Exploit for CRLF injection in Git - CVE-2025-48384

ID:11847 - Exploit for CRLF injection in Git - CVE-2025-48384

Published: August 8, 2025

Vulnerability identifier: #VU112637

Vulnerability risk: Medium

CVE-ID: CVE-2025-48384

CWE-ID: CWE-93

Exploitation vector: Remote access

Vulnerable software:
Git

Link to public exploit:

https://github.com/acheong08/CVE-2025-48384

Vulnerability description

The vulnerability allows a remote user to compromise the affected system.

The vulnerability exists due to insufficient validation of attacker-supplied data when reading config values. A remote user can pass specially crafted config lines to the application containing CR-LF characters and execute arbitrary code on the system after checkout.

Remediation

Install updates from vendor's website.

ID:11847 - Exploit for CRLF injection in Git - CVE-2025-48384

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human