Git-lfs RCE exploit CVE-2020-27955 - tested on Windows on: git, gh cli, GitHub Desktop, Visual Studio, SourceTree etc.
Git-lfs Remote Code Execution (RCE) exploit CVE-2020-27955 (bat / powershell version)
Vulnerable: git, GitHub CLI (gh), GitHub Desktop, Visual Studio Code, SourceTree, SmartGit, GitKraken etc
Discovered by Dawid Golunski
legalhackerscom
exploitboxio
Tested on Windows on:
git, GitHub CLI (gh), GitHub Desktop, Visual Studio Code, SourceTree, SmartGit, GitKra