Git LFS (git-lfs) – Remote Code Execution (RCE) exploit CVE-2020-27955 – Clone to Pwn

November 6, 2020

Posted by Dawid Golunski on Nov 05

/*
Go PoC exploit for git-lfs – Remote Code Execution (RCE)
vulnerability CVE-2020-27955
git-lfs-RCE-exploit-CVE-2020-27955.go

Discovered by Dawid Golunski
https://legalhackers.com
https://exploitbox.io

Affected (RCE exploit):
Git / GitHub CLI / GitHub Desktop / Visual Studio / GitKraken /
SmartGit / SourceTree etc.
Basically the whole Windows dev world which uses git.

Usage:
Compile: go build…

If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.

Patreon

Original Source
Tags: , , , , , , , , ,

You may have missed

HIBP-Banner-1

MaReads – 74,453 breached accounts

July 16, 2025
image

CVE Alert: CVE-2025-7600

July 16, 2025
image

CVE Alert: CVE-2025-7596

July 16, 2025
image

CVE Alert: CVE-2025-7597

July 16, 2025
image

CVE Alert: CVE-2025-7599

July 16, 2025