Bitbucket Git Command Injection
Description
Various versions of Bitbucket Server and Data Center are affected by an unauthenticated command injection vulnerability in multiple API endpoints. The `/rest/api/latest/projects/{projectKey}/repos/{repositorySlug}/archive` endpoint creates an archive of the repository, using the `git-archive` command to do so. Supplying NULL bytes in the request allows additional arguments to be passed to the command, ultimately enabling execution of arbitrary commands.
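For triage, the check below flags access-log requests to the archive endpoint that carry a URL-encoded NULL byte, including double-encoded forms. It is an added example, not Atlassian's code or part of the original advisory; the common/combined log format, the function names and the sample log lines are assumptions made for illustration.

```python
import re
from urllib.parse import unquote, urlsplit

# Endpoint named in the description; matching any API version segment
# (not only "latest") is an assumption of this example.
ARCHIVE_PATH = re.compile(r"^/rest/api/[^/]+/projects/[^/]+/repos/[^/]+/archive/?$")
# Request field of a common/combined-format access log (assumed log format).
REQUEST = re.compile(r'"[A-Z]+ (?P<target>\S+) HTTP/[\d.]+"')

def has_nul(value, max_rounds=3):
    """True if value contains a NUL byte after up to max_rounds URL-decodings."""
    for _ in range(max_rounds):
        if "\x00" in value:
            return True
        decoded = unquote(value, encoding="latin-1")
        if decoded == value:  # nothing left to decode
            return False
        value = decoded
    return "\x00" in value

def is_suspicious(line):
    """Flag archive-endpoint requests whose path or query carries a NUL byte."""
    m = REQUEST.search(line)
    if not m:
        return False
    target = urlsplit(m.group("target"))
    if not ARCHIVE_PATH.match(unquote(target.path, encoding="latin-1")):
        return False
    return has_nul(target.path) or has_nul(target.query)

def suspicious_lines(lines):
    """Return the indexes of log lines that should be reviewed."""
    return [i for i, line in enumerate(lines) if is_suspicious(line)]

# Constructed sample log lines (addresses, names and parameters are made up).
SAMPLE = [
    '203.0.113.7 - - [01/Jan/2024:10:00:00 +0000] "GET /rest/api/latest/projects/PRJ/repos/demo/archive?example=ok HTTP/1.1" 200 5120',
    '203.0.113.9 - - [01/Jan/2024:10:00:05 +0000] "GET /rest/api/latest/projects/PRJ/repos/demo/archive?example=a%00b HTTP/1.1" 500 0',
    '203.0.113.9 - - [01/Jan/2024:10:00:06 +0000] "GET /rest/api/latest/projects/PRJ/repos/demo/archive?example=a%2500b HTTP/1.1" 500 0',
    '198.51.100.4 - - [01/Jan/2024:10:00:09 +0000] "GET /rest/api/latest/projects/PRJ/repos/demo/browse?example=a%00b HTTP/1.1" 404 0',
]

if __name__ == "__main__":
    for i in suspicious_lines(SAMPLE):
        print("review:", SAMPLE[i])
```

A hit only shows that a NULL byte reached the endpoint; whether the instance was vulnerable at the time still has to be confirmed against the installed version.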