CVE-2021-44685

9.8 CRITICAL

📋 TL;DR

CVE-2021-44685 is a critical OS command injection vulnerability in Git-it, the Electron desktop app for learning Git. Git-it 4.4.0 and earlier build a shell command string for git's reflog subcommand that includes a branch name without sanitizing or escaping it, so shell metacharacters in the name (such as `;`, `|`, backticks or `$( )`) are executed as additional commands with the rights of the user running Git-it. The injection fires when the user runs the verification step of the 'Branches Aren't Just For Birds' challenge; the attacker first has to get a crafted branch name into the repository the user is working in, for example by persuading the user to check out a branch from an attacker-supplied repository.

💻 Affected Systems

Products:
  • Git-it
Versions: Through 4.4.0
Operating Systems: Windows, macOS, Linux
Default Config Vulnerable: ⚠️ Yes
Notes: The injection is triggered during verification of the 'Branches Aren't Just For Birds' challenge, when Git-it runs git's reflog subcommand through a shell with the unsanitized branch name interpolated into the command string.

📦 What is this software?

Git-it is a desktop application, built with Electron and published as jlord/git-it-electron, that teaches Git and GitHub through a series of interactive challenges. Each challenge is verified by running git commands against the learner's local repository, which is how a branch name from that repository ends up on a command line.

⚠️ Risk & Real-World Impact

🔴

Worst Case

Arbitrary command execution with the full rights of the user running Git-it: reading or exfiltrating everything that user can access (source code, SSH keys, Git credentials and tokens), installing persistence, or using the workstation as a foothold for further movement. Git-it runs as an ordinary desktop application, so going beyond that user account would require a separate privilege-escalation bug.

🟠

Likely Case

Arbitrary command execution in the context of the user running Git-it (this is not a privilege-escalation bug on its own), triggered once when the victim verifies the affected challenge. Realistic outcomes are credential theft or a dropped second-stage payload.

🟢

If Mitigated

Limited impact if Git-it runs as an unprivileged user in a sandboxed or network-restricted environment, or if the user never verifies the affected challenge while on a vulnerable version.

🌐 Internet-Facing: LOW
🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires user interaction: the victim must have a branch with a crafted name in the repository and then run the verification step of the vulnerable challenge, so the bug is local and interaction-dependent rather than remotely triggerable. The root cause and a proof of concept are documented in public advisories.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 4.4.1 and later

Vendor Advisory: https://github.com/jlord/git-it-electron/releases

Restart Required: Yes

Instructions:

1. Download Git-it version 4.4.1 or later from the official repository.
2. Uninstall the vulnerable version.
3. Install the patched version.
4. Restart the application.

🔧 Temporary Workarounds

Avoid Vulnerable Challenge

Applies to: all platforms

Do not complete the 'Branches Aren't Just For Birds' challenge in Git-it until patched, and do not verify it against a repository containing branches you did not create yourself.

Run with Restricted Privileges

Applies to: all platforms

Run Git-it under a dedicated low-privilege user account so that an injected command can reach as little as possible.

🧯 If You Can't Patch

  • Remove or disable Git-it from affected systems
  • Implement application whitelisting to prevent unauthorized command execution

🔍 How to Verify

Check if Vulnerable:

Check Git-it version: if version is 4.4.0 or earlier, the system is vulnerable.

Check Version:

Check application version in Git-it's About menu or settings

Verify Fix Applied:

Verify Git-it version is 4.4.1 or later after patching.

📡 Detection & Monitoring

Log Indicators:

  • A shell (sh, bash or cmd.exe) spawned by the Git-it process: Node's child_process.exec runs its command string through a shell, so the injected text shows up on the shell's command line, not on Git-it's own
  • A command line containing `git reflog` followed by shell metacharacters (`;`, `|`, `&`, backticks, `$(`) or by a second program name such as curl, wget, powershell or bash

Network Indicators:

  • Unexpected outbound connections from Git-it process

SIEM Query:

parent_process_name:("Git-it" OR "git-it") AND process_name:("sh" OR "bash" OR "cmd.exe") AND command_line:"git reflog" AND command_line:("|" OR ";" OR "&" OR "`" OR "$(")

Field names vary by SIEM; the point is to key on the shell child of the Git-it process, because that is the process whose command line carries the injected string.
