CVE-2017-8386

HIGH

git <2.4.12-2.12.3 - Privilege Escalation

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2017-8386. PoCs published by suz1n.

AI-analyzed exploit summary This repository provides a detailed writeup and proof-of-concept for CVE-2017-8386, a git-shell sandbox bypass vulnerability. It explains how to exploit the 'less' command within git-shell to achieve remote code execution (RCE).

Description

git-shell in git before 2.4.12, 2.5.x before 2.5.6, 2.6.x before 2.6.7, 2.7.x before 2.7.5, 2.8.x before 2.8.5, 2.9.x before 2.9.4, 2.10.x before 2.10.3, 2.11.x before 2.11.2, and 2.12.x before 2.12.3 might allow remote authenticated users to gain privileges via a repository name that starts with a - (dash) character.

Exploits (1)

nomisec WRITEUP

by suz1n · poc

https://github.com/suz1n/WHS3_vulhub

View Code ZIP pw:eip

This repository provides a detailed writeup and proof-of-concept for CVE-2017-8386, a git-shell sandbox bypass vulnerability. It explains how to exploit the 'less' command within git-shell to achieve remote code execution (RCE).

Classification

Writeup 100%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Git-shell 2.12.2

Auth required

Prerequisites: Docker · Docker-Compose · SSH access · Git 2.12.2 · less command installed

MITRE ATT&CK

T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (14)

Core 14

Core References

Various Sources mailing-list x_refsource_mlist

http://public-inbox.org/git/xmqq8tm5ziat.fsf%40gitster.mtv.corp.google.com/

Exploit, Third Party Advisory vendor-advisory x_refsource_ubuntu

http://www.ubuntu.com/usn/USN-3287-1

Mailing List, Third Party Advisory vendor-advisory x_refsource_fedora

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3ISHYFLM2ACYHHY3JHCLF75X7UF4ZMDM/

Mailing List, Third Party Advisory vendor-advisory x_refsource_fedora

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DPYRN7APMHY4ZFDPAKD22J5R4QJFY2JP/

Third Party Advisory vendor-advisory x_refsource_gentoo

https://security.gentoo.org/glsa/201706-04

Mailing List, Third Party Advisory vendor-advisory x_refsource_fedora

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FDS3LSJJ3YGGQYIVPKQDVOCXWDSF6JGF/

Mitigation, Third Party Advisory x_refsource_misc

https://insinuator.net/2017/05/git-shell-bypass-by-abusing-less-cve-2017-8386/

Third Party Advisory x_refsource_confirm

https://kernel.googlesource.com/pub/scm/git/git/+/3ec804490a265f4c418a321428c12f3f18b7eff5

Third Party Advisory vdb-entry x_refsource_sectrack

http://www.securitytracker.com/id/1038479

Vendor Advisory vendor-advisory x_refsource_redhat

https://access.redhat.com/errata/RHSA-2017:2491

Mailing List, Third Party Advisory vendor-advisory x_refsource_suse

http://lists.opensuse.org/opensuse-updates/2017-05/msg00090.html

Vendor Advisory vendor-advisory x_refsource_redhat

https://access.redhat.com/errata/RHSA-2017:2004

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/98409

Third Party Advisory, VDB Entry vendor-advisory x_refsource_debian

http://www.debian.org/security/2017/dsa-3848

Scores

CVSS v3 8.8

EPSS 0.7150

EPSS Percentile 98.8%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

Status published

Products (10)

canonical/ubuntu_linux 14.04

canonical/ubuntu_linux 16.04

canonical/ubuntu_linux 16.10

canonical/ubuntu_linux 17.04

debian/debian_linux 8.0

fedoraproject/fedora 24

fedoraproject/fedora 25

fedoraproject/fedora 26

git/git-shell

opensuse/leap 42.1

Published Jun 01, 2017

Tracked Since Feb 18, 2026