CVE-2014-5023

Gitter/Gitlist <Repository.php - Command Injection


Exploitation Summary

EIP tracks 1 public exploit for CVE-2014-5023. PoCs published by drone.

AI-analyzed exploit summary: This exploit leverages a command injection vulnerability in Gitlist <= 0.4.0 by crafting a malicious URL path that executes arbitrary commands via the `blame` functionality. The payload is base64-encoded and written to a PHP file in the cache directory, enabling remote code execution.

Description

Repository.php in Gitter, as used in Gitlist, allows remote attackers with commit privileges to execute arbitrary commands via shell metacharacters in a branch name, as demonstrated by a "git checkout -b" command.

Exploits (1)

exploitdb · Working PoC · Verified
by drone · python · remote · multiple
https://www.exploit-db.com/exploits/33929


Classification: Working PoC (95%)
Attack type: RCE
Complexity: Trivial
Reliability: Reliable
Target: Gitlist <= 0.4.0
Authentication: None needed
Prerequisites: Access to the Gitlist web interface · Write permissions to the cache directory
Analyzed by devstral-2 on Feb 18, 2026

References (1)


Scores

EPSS score: 0.0336
EPSS percentile: 87.1%

Details

Status: published
Products (1): gitlist/gitlist
Published: Jul 22, 2014
Tracked since: Feb 18, 2026