PoC Exploit Released for High-Severity Git CLI Arbitrary File Write Vulnerability

A critical vulnerability in Git CLI enables arbitrary file writes on Linux and macOS systems, with working proof-of-concept exploits now publicly available. CVE-2025-48384, assigned a CVSS severity score of 8.1/10, allows attackers to achieve remote code execution through maliciously crafted repositories when users execute git clone –recursive commands. Git CLI Arbitrary File Write Vulnerability According to Security Researcher Matt Muir, Linux Malware, CVE-2025-48384 exploits a fundamental flaw in Git’s handling of configuration values and carriage return (\r) characters when parsing .gitmodules files on UNIX-like systems. The vulnerability stems from a critical mismatch between how Git reads versus writes configuration values containing control characters. When an attacker crafts a malicious .gitmodules file with submodule paths ending in carriage return characters, Git’s config parser behavior creates a dangerous discrepancy where the character may be stripped during read operations...