CVE-2022-24439

HIGH

GitPython <3.1.30 - Remote Code Execution via Malicious Clone URL

Title source: manual

Exploitation Summary

EIP tracks 2 public exploits for CVE-2022-24439. PoCs published by Makkkiiii and muhammadhendro.

AI-analyzed exploit summary (for the Makkkiiii repository listed below): The repository contains only a README.md with minimal content, lacking any exploit code or technical details for CVE-2022-24439. No functional PoC or scanner is present.

Description

Versions of the gitpython package before 3.1.30 are vulnerable to Remote Code Execution (RCE) due to improper user input validation, which makes it possible to inject a maliciously crafted remote URL into the clone command. Exploitation is possible because the library shells out to the git executable without sufficiently sanitizing the arguments it passes, so an application that clones from a URL (or with clone options) supplied by an untrusted party lets that party control what git is asked to do. The precondition is therefore an application that forwards attacker-controlled input to the clone; a developer cloning their own repositories is not exposed.
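As an added illustration (not GitPython's code and not taken from either PoC repository), the following shows the validation a caller can apply before handing an untrusted URL and option list to a `git clone` invocation. It models the two ways an attacker-controlled clone argument can become command execution: a URL that begins with `-` and is parsed by git as an option rather than a repository, and transport prefixes or config options that make git run a helper program. The function names, the allow-list for URL shapes, and the specific prefix and option lists are choices made for this example; the `ext::` transport and `protocol.ext.allow` are real git features, used here only as the inputs the checks must reject.

```python
"""Pre-clone validation for untrusted repository URLs and clone options.

Added example for this page; not GitPython code and not from either PoC
repository. It models the two ways an attacker-controlled argument to
`git clone` can turn into command execution: a URL that git parses as an
option, and transports/options that make git execute a helper program.
"""
import re
import shlex
import subprocess
from typing import Iterable, List

# Transport prefixes that make git exec an arbitrary program (ext::) or
# read from an arbitrary descriptor (fd::). Example list chosen for this page.
UNSAFE_URL_PREFIXES = ("ext::", "fd::")

# Options that select the program git runs, or inject arbitrary config
# (core.sshCommand, protocol.ext.allow, ...). Example list chosen for this page.
UNSAFE_CLONE_OPTIONS = ("--upload-pack", "-u", "--config", "-c")

# Allow-list for the URL shape: a recognised scheme, scp-style
# "user@host:path", or a local path that cannot be mistaken for an option.
_SCHEME_RE = re.compile(r"^(https?|ssh|git|file)://", re.IGNORECASE)
_SCP_RE = re.compile(r"^[\w.-]+@[\w.-]+:\S+$")


def is_safe_clone_url(url: str) -> bool:
    """True only for URLs this example is willing to hand to git."""
    if not url or url != url.strip():
        return False
    if url.startswith("-"):
        return False  # git would treat it as an option, not a repository
    if url.lower().startswith(UNSAFE_URL_PREFIXES):
        return False
    return bool(
        _SCHEME_RE.match(url)
        or _SCP_RE.match(url)
        or url.startswith(("/", "./", "../"))
    )


def unsafe_clone_options(options: Iterable[str]) -> List[str]:
    """Return the options that could redirect git to execute a command.

    Handles "--config=k=v", "--config k=v", "-c k=v" and "-ck=v" spellings.
    """
    found = []
    for opt in options:
        name = re.split(r"[\s=]", opt, maxsplit=1)[0]
        for bad in UNSAFE_CLONE_OPTIONS:
            short = bad.startswith("-") and not bad.startswith("--")
            if name == bad or (short and opt.startswith(bad)):
                found.append(opt)
                break
    return found


def clone_rejections(url: str, options: Iterable[str] = ()) -> List[str]:
    """Every reason to refuse this clone; an empty list means it may proceed."""
    reasons = []
    if not is_safe_clone_url(url):
        reasons.append(f"unsafe url: {url!r}")
    reasons.extend(f"unsafe option: {opt!r}" for opt in unsafe_clone_options(options))
    return reasons


def build_clone_argv(url: str, dest: str, options: Iterable[str] = ()) -> List[str]:
    """argv for `git clone`; raises ValueError instead of forwarding anything unsafe.

    "--" ends option parsing so neither url nor dest can be read as an
    option even if some later check is bypassed.
    """
    options = list(options)
    reasons = clone_rejections(url, options)
    if reasons:
        raise ValueError("; ".join(reasons))
    argv = ["git", "clone"]
    for opt in options:
        argv.extend(shlex.split(opt))  # "--depth 1" -> ["--depth", "1"]
    argv += ["--", url, dest]
    return argv


def clone(url: str, dest: str, options: Iterable[str] = ()) -> None:
    """Run the validated clone with no shell involved."""
    subprocess.run(build_clone_argv(url, dest, options), check=True)


if __name__ == "__main__":
    for candidate in (
        "https://github.com/gitpython-developers/GitPython.git",
        "ext::sh -c touch% /tmp/pwned",    # ext transport: git would exec sh
        "--upload-pack=touch /tmp/pwned",  # URL consumed as an option
    ):
        print(f"{candidate!r}: {clone_rejections(candidate) or 'ok'}")
    print(clone_rejections("https://example.com/r.git", ["-c protocol.ext.allow=always"]))
```

The check is an allow-list on URL shape plus a deny-list on the options that change what program git executes; the `--` separator is defence in depth so that a URL or destination that slips past the allow-list is still never parsed as an option. Callers that need `-c` for legitimate reasons should set those values through the environment or a config file they control rather than accept them from the request.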

Exploits (2)

nomisec · STUB · 1 star
by Makkkiiii · poc
https://github.com/Makkkiiii/GitPython-Exploit-CVE-2022-24439

The repository contains only a README.md with minimal content, lacking any exploit code or technical details for CVE-2022-24439. No functional PoC or scanner is present.

Classification: Stub (10%)
Attack type: Other
Complexity: Trivial
Reliability: Theoretical
Target: GitPython (version unspecified)
Authentication: none needed
devstral-2 · analyzed Feb 16, 2026
nomisec · WORKING POC
by muhammadhendro · poc
https://github.com/muhammadhendro/CVE-2022-24439

This PoC exploits CVE-2022-24439 by creating a new user with root privileges via a command injection vulnerability. It uses `os.system` to execute shell commands for user addition and privilege escalation.

Classification: Working PoC (90%)
Attack type: LPE
Complexity: Trivial
Reliability: Reliable
Target: Unknown (likely a Linux-based system with vulnerable setool)
Authentication: none needed
Prerequisites: Access to a vulnerable system where `setool` is present and exploitable
devstral-2 · analyzed Feb 16, 2026

Scores

CVSS v3.1 base score: 8.1 (High)
EPSS: 0.6886 (percentile 98.7%)
Attack vector: Network
CVSS vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE: CWE-20 (Improper Input Validation)
Status: published
Products (6):
debian/debian_linux 10.0
fedoraproject/fedora 36
fedoraproject/fedora 37
fedoraproject/fedora 38
gitpython_project/gitpython < 3.1.30
pypi/GitPython < 3.1.30 (PyPI)
Published: Dec 06, 2022
Tracked since: Feb 18, 2026