CVE-2024-32004

HIGH

Git <2.45.1 - Remote Code Execution via Crafted Repository Clone

Title source: manual
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2024-32004. PoCs published by 10cks, Wadewfsssss.

AI-analyzed exploit summary This PoC demonstrates CVE-2024-32004, a Git vulnerability where malicious hooks in a repository can execute arbitrary commands during clone operations. The scripts create a malicious repository with a hook that launches calculators (calc.exe/gnome-calculator) when cloned.

Description

Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4, an attacker can prepare a local repository in such a way that, when cloned, will execute arbitrary code during the operation. The problem has been patched in versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4. As a workaround, avoid cloning repositories from untrusted sources.

Exploits (2)

nomisec WORKING POC
by 10cks · poc
https://github.com/10cks/CVE-2024-32004-POC

This PoC demonstrates CVE-2024-32004, a Git vulnerability where malicious hooks in a repository can execute arbitrary commands during clone operations. The scripts create a malicious repository with a hook that launches calculators (calc.exe/gnome-calculator) when cloned.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target: Git (versions affected by CVE-2024-32004)
No auth needed
Prerequisites: Ability to host a malicious Git repository · Victim must clone the repository
devstral-2 · analyzed Feb 18, 2026 Full analysis →
nomisec WORKING POC
by Wadewfsssss · poc
https://github.com/Wadewfsssss/CVE-2024-32004

This PoC exploits a Git vulnerability (CVE-2024-32004) by manipulating Git configuration to execute arbitrary code via a malicious upload-pack script during a `git pull` operation. The attack leverages Git's filter mechanisms and remote configuration to achieve remote code execution.

Classification
Working Poc 90%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Git (version not specified)
No auth needed
Prerequisites: Local Git installation · Ability to configure Git repositories
devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (7)

Core 7

Scores

CVSS v3 8.1
EPSS 0.0127
EPSS Percentile 66.0%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-114
Status published
Products (7)
debian/debian_linux 10.0
debian/debian_linux 11.0
fedoraproject/fedora 40
git-scm/git 2.41.0
git-scm/git 2.44.0
git-scm/git 2.45.0
git-scm/git < 2.39.4
Published May 14, 2024
Tracked Since Feb 18, 2026