
Cloud Vulnerability DB
A community-led vulnerabilities database
Gogs, an open source self-hosted Git service, contains a high-severity path traversal vulnerability (CVE-2024-55947) that lets an authenticated user write files to arbitrary paths on the server, potentially gaining SSH access to the host. All versions before 0.13.1 are affected; the issue is fixed in 0.13.1. It carries a CVSS 4.0 base score of 8.7 (HIGH) with vector string CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N (NVD, Security Online).
The root cause is missing path validation in the repository file update API: the target path supplied by the caller was not constrained to the repository's Git directory, so an authenticated user could send a crafted PUT request to that endpoint and have the file written to any location on the server filesystem that the Gogs process can reach. The issue is classified as CWE-22 (Improper Limitation of a Pathname to a Restricted Directory) (GitHub Advisory).
Because the file is written with the privileges of the Gogs process, an attacker can target files outside any repository, including the SSH configuration files of the account Gogs runs as. That yields unauthorized SSH access to the server and, from there, potentially complete system compromise (GitHub Advisory, Security Online).
Gogs 0.13.1 fixes the issue by validating the requested path and refusing any write that would resolve outside the repository Git directory. For earlier versions there is no viable workaround other than upgrading or restricting access to the instance to trusted users. Note that the vector string requires only low privileges (PR:L), so any ordinary account is sufficient; instances that allow open self-registration are exposed to anyone who can reach them (GitHub Advisory).
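The following Go example is added here and is not code from the Gogs project; it illustrates the general pattern behind this class of bug and its fix. `NaiveRepoPath` reproduces the vulnerable behaviour (a caller-supplied path joined straight onto the repository directory, so `..` segments walk out of it), and `SafeRepoPath` shows the containment check a patched write path needs. The repository directory, the function names, and the sample inputs are all hypothetical.

```go
package main

import (
	"errors"
	"fmt"
	"path/filepath"
	"strings"
)

// ErrOutsideRepo is returned when a requested path would resolve outside the repository directory.
var ErrOutsideRepo = errors.New("path escapes repository directory")

// NaiveRepoPath mirrors the vulnerable pattern: trust the caller-supplied path and
// join it onto the repository directory. filepath.Join collapses ".." segments, so a
// traversal sequence silently walks out of repoDir instead of being rejected.
func NaiveRepoPath(repoDir, userPath string) string {
	return filepath.Join(repoDir, userPath)
}

// SafeRepoPath resolves userPath relative to repoDir and refuses anything that would
// land outside repoDir: absolute paths, ".." traversal, or the directory itself.
// The check is purely lexical; see the note below about symlinks.
func SafeRepoPath(repoDir, userPath string) (string, error) {
	if filepath.IsAbs(userPath) {
		return "", ErrOutsideRepo
	}
	base := filepath.Clean(repoDir)
	full := filepath.Join(base, userPath) // Join also cleans the result
	rel, err := filepath.Rel(base, full)
	if err != nil {
		return "", ErrOutsideRepo
	}
	// rel is "." for the directory itself, ".." or "../x" when it escaped.
	// A bare prefix test on ".." would wrongly reject a legitimate name like "..hidden".
	if rel == "." || rel == ".." || strings.HasPrefix(rel, ".."+string(filepath.Separator)) {
		return "", ErrOutsideRepo
	}
	return full, nil
}

func main() {
	// Hypothetical repository directory and constructed sample inputs.
	repoDir := "/data/gogs-repositories/alice/project.git"
	for _, p := range []string{
		"README.md",
		"docs/../src/main.go",
		"../../../home/git/.ssh/authorized_keys", // traversal towards the service account's SSH config
		"/etc/passwd",
	} {
		safe, err := SafeRepoPath(repoDir, p)
		fmt.Printf("%-42q naive=%s safe=%q err=%v\n", p, NaiveRepoPath(repoDir, p), safe, err)
	}
}
```

Running it shows the naive join turning `../../../home/git/.ssh/authorized_keys` into `/data/home/git/.ssh/authorized_keys`, while the checked version rejects it along with absolute paths and the repository directory itself. The check is lexical only: if the tree being written into can contain attacker-controlled symlinks, resolve the parent directory with `filepath.EvalSymlinks` before applying the same containment test, otherwise an in-tree link pointing outside the repository defeats it.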
Source: This report was generated using AI