CVE-2025-48384

This repository contains a functional proof-of-concept exploit for CVE-2025-48384, which leverages a carriage return injection in Git submodule paths to achieve remote code execution (RCE) via malicious Git hooks. The exploit demonstrates how a crafted submodule configuration can bypass path sanitization and execute arbitrary commands during a recursive clone.

This repository contains a functional proof-of-concept exploit for CVE-2025-48384, demonstrating a remote code execution (RCE) vulnerability in Git's submodule handling. The exploit leverages a crafted Git repository with a malicious post-checkout hook to achieve arbitrary command execution during the clone process.

This repository contains a functional PoC for CVE-2025-48384, a Git submodule vulnerability allowing remote code execution. The exploit leverages a malicious post-checkout hook to execute arbitrary code during the git clone process.

This repository contains a proof-of-concept exploit for CVE-2025-48384, demonstrating a Git submodule vulnerability that allows arbitrary command execution via crafted Git configurations. The exploit manipulates Git submodule paths and worktree configurations to achieve remote code execution.

This repository contains a functional proof-of-concept exploit for CVE-2025-48384, a Git vulnerability that allows remote code execution via malicious submodule hooks. The exploit leverages a carriage return character in directory names to manipulate Git's handling of submodule paths, enabling arbitrary script execution during checkout.

This repository provides a Dockerfile to create a containerized environment for testing CVE-2025-48384, a vulnerability in Git. It installs a vulnerable version of Git (2.40.4) and clones a PoC repository to demonstrate the exploit.

The repository contains only a generic GitLab README template with no exploit code, technical details, or references to CVE-2025-48384. It appears to be a placeholder or incorrectly labeled repository.

This repository contains a functional proof-of-concept for CVE-2025-48384, demonstrating a remote code execution (RCE) vulnerability in Git's submodule handling. The exploit leverages a crafted submodule to execute arbitrary code during the `git clone --recurse-submodules` operation.

The repository contains only a minimal README with no exploit code or technical details. It appears to be a placeholder or superproject repo without functional content.

This repository contains a functional PoC for CVE-2025-48384, a Git vulnerability involving carriage return characters in submodule paths. The script `update-gitlink.sh` demonstrates how to manipulate a gitlink at a path containing a carriage return character, potentially leading to unexpected behavior in Git operations.

The repository contains only README files describing a malicious post-checkout hook but lacks actual exploit code or technical details. It appears to be a placeholder or demonstration without functional content.

This repository contains a functional proof-of-concept exploit for CVE-2025-48384, demonstrating a remote code execution (RCE) vulnerability in Git's submodule handling. The exploit leverages a malicious submodule to execute arbitrary code during the `git clone --recurse-submodules` operation.

This repository provides a detailed technical analysis and implementation guide for CVE-2025-48384, a Git client-side vulnerability leading to RCE via submodule path traversal. It includes CTF challenge setup instructions and malicious repository design but lacks functional exploit code.

The repository contains only a minimal README with no exploit code, technical details, or meaningful content. It appears to be a placeholder or submodule reference without any functional PoC.

The repository contains only a README.md file stating that the PoC is not functional yet. No exploit code or technical details are provided.

The repository contains only a minimal README with no exploit code, technical details, or functional proof-of-concept. It is a placeholder with no substantive content.

This repository contains a Python-based scanner designed to detect Git repositories potentially exploiting CVE-2025-48384 by analyzing .gitmodules files, symlinks, and executable hooks. It does not include exploit code but provides a tool to identify indicators of compromise.

This repository contains a functional proof-of-concept for CVE-2025-48384, which exploits an improper link resolution vulnerability in Git. The PoC demonstrates arbitrary code execution via crafted `.git/config` and symlink manipulation during recursive repository cloning.

This repository contains a functional proof-of-concept exploit for CVE-2025-48384, which leverages a carriage return injection in Git submodule paths to achieve arbitrary file write and remote code execution during a recursive clone. The exploit manipulates Git's handling of submodule configurations to trigger a malicious post-checkout hook.

The repository contains only a minimal README with no exploit code, technical details, or meaningful content. It appears to be a placeholder or submodule reference without any functional PoC.

The repository contains only a minimal README with a CVE identifier and the word 'PoC', providing no technical details, exploit code, or meaningful content. It appears to be a placeholder or incomplete submission.

The repository contains only a minimal README file with no technical details or exploit code. It is a placeholder with no substantive content related to CVE-2025-48384.

The repository contains only a README.md file with the word 'Submodule' and no actual exploit code or technical details. This is a placeholder with no functional content.

This PoC demonstrates CVE-2025-48384, a Git vulnerability involving CR-path submodule misparsing that leads to arbitrary hook execution during recursive submodule cloning. The exploit generates a malicious repository structure that triggers the vulnerability when cloned with `--recurse-submodules`.

The repository contains only a minimal README with the CVE identifier and no functional exploit code or technical details. It appears to be a placeholder without substantive content.

The repository contains functional exploit code for CVE-2025-32433, targeting Erlang/OTP SSH. The PoC demonstrates a pre-authentication RCE by sending crafted SSH packets to execute arbitrary commands on the server.

The repository contains only a minimal README with the CVE identifier and no technical details or exploit code. It lacks any meaningful content to classify it as a working PoC, scanner, or writeup.

This repository is a stub that only contains a README.md pointing to an external GitHub repository. No exploit code or technical details are provided.

This repository contains a functional proof-of-concept for CVE-2025-48384, demonstrating a vulnerability in Git that allows arbitrary file creation via recursive clone operations. The exploit results in the creation of a file at /tmp/sectest, confirming successful exploitation.

The repository contains only a minimal README with no technical details or exploit code. It appears to be a placeholder or stub for CVE-2025-48384.