700+ self-hosted Git instances battered in 0-day attacks • The Register

12/10/2025


Attackers are actively exploiting a zero-day bug in Gogs, a popular self-hosted Git service, and the open source project doesn’t yet have a fix.

More than 700 instances have been compromised in the ongoing attacks, according to Wiz researchers, who described the zero-day discovery as “accidental” and say that it happened in July while they were investigating malware on an infected machine.

“During our analysis of the exploitation attempts, we identified that the threat actor was leveraging a previously unknown flaw to compromise instances. We responsibly disclosed this vulnerability to the maintainers,” security sleuths Gili Tikochinski and Yaara Shriki said in a Wednesday blog.

The team reported the security hole to Gogs’ maintainers, who are “currently working on a fix,” Tikochinski and Shriki wrote. But, they added, “active exploitation continues in the wild.”

The bug is tracked as CVE-2025-8110, and anyone running a Gogs server (version 0.13.3 or earlier) that is internet exposed and has open-registration enabled – this is the default setting – is vulnerable.

CVE-2025-8110 is essentially a bypass of a previously patched bug (CVE-2024-55947) that allows authenticated users to overwrite files outside the repository, leading to remote code execution (RCE). The earlier RCE was discovered by Manasseh Zhou.

“Unfortunately, the fix implemented for the previous CVE did not account for symbolic links,” the Wiz kids wrote.

Gogs is written in Go, and it allows users to host Git repositories on their own servers or cloud infrastructure, rather than using GitHub or another third party.

Gogs, and Git in general, allow symbolic links (or symlinks). They act as pointers or shortcuts to another file or directory, and they can point to objects outside the repository. Additionally, the Gogs API allows file modification outside the regular Git protocol. 

The earlier fix didn’t account for this type of symlink abuse, and this allows attackers to take advantage of the flaw and remotely execute malicious code in four steps that are “trivial for any user with repository creation permissions,” which are enabled by default, according to Wiz. 

Here are the steps:

  1. The attacker creates a standard Git repository.
  2. They commit a single symbolic link pointing to a sensitive target.
  3. Using the PutContents API, they write data to the symlink. The system follows the link and overwrites the target file outside the repository.
  4. By overwriting .git/config (specifically the sshCommand), the attacker can force the system to execute arbitrary commands.
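A containment check of the kind the earlier fix was missing, written here as an added example in Go (the language Gogs is written in) and not taken from the Gogs code base: before a content API writes to a path inside a repository, resolve any symlinks in that path and refuse the write when the real target lies outside the repository tree or inside `.git`. `SafeRepoPath` and `ErrForbidden` are names chosen for this example.

```go
package main

import (
	"errors"
	"os"
	"path/filepath"
	"strings"
)

var ErrForbidden = errors.New("target resolves outside the repository tree or into .git")

// SafeRepoPath returns the symlink-resolved absolute path that a write to rel
// (relative to root) would really touch, or ErrForbidden. The longest existing
// prefix of the path is resolved, so a symlink anywhere in the chain, including
// one that is the final component, is followed before the containment check.
func SafeRepoPath(root, rel string) (string, error) {
	absRoot, err := filepath.EvalSymlinks(root) // canonical root (e.g. /tmp on macOS)
	if err != nil {
		return "", err
	}
	absRoot, _ = filepath.Abs(absRoot)
	existing := filepath.Join(absRoot, rel) // Join cleans "..", but only lexically
	var missing []string                    // trailing components that do not exist yet
	for {
		if _, err := os.Lstat(existing); err == nil {
			break
		}
		parent := filepath.Dir(existing)
		if parent == existing {
			return "", ErrForbidden // reached the filesystem root
		}
		missing = append([]string{filepath.Base(existing)}, missing...)
		existing = parent
	}
	resolved, err := filepath.EvalSymlinks(existing)
	if err != nil {
		return "", ErrForbidden // dangling link: refuse rather than create its target
	}
	final := filepath.Join(append([]string{resolved}, missing...)...)
	sep := string(os.PathSeparator)
	inside, err := filepath.Rel(absRoot, final)
	if err != nil || inside == ".." || strings.HasPrefix(inside, ".."+sep) {
		return "", ErrForbidden
	}
	for _, c := range strings.Split(inside, sep) {
		if c == ".git" { // never let the content API rewrite repository metadata
			return "", ErrForbidden
		}
	}
	return final, nil
}
```

The check must be applied at write time on the server side; a link committed into the repository is legitimate Git content, so the place to stop the overwrite is where the API opens the target file.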

About 1,400 Gogs instances are exposed to the internet, and of those, Wiz confirmed that more than 700 of them had been infected. All of these show an 8-character random owner/repo name created on July 10 and a payload that used the Supershell remote command-and-control framework.

While the threat hunters haven’t attributed the attacks to a particular person or group, “our assumption, based on threat actors using Supershell C2, is they are located in Asia,” Shriki told The Register.

Mandiant, which is also owned by Google (Wiz will be soon), last year documented Chinese spies exploiting a critical-severity bug in F5 via Supershell, and using that exploit to sell access to compromised US defense organizations, UK government agencies, and hundreds of other entities.

It’s also not clear what the digital intruders are doing with access to vulnerable instances.

“In the environments where we have visibility, the malware was removed quickly so we did not see any post-exploitation activity,” Shriki said. “We don’t have visibility into other compromised servers, beyond knowing they’re compromised.”

The Register reached out to Git about the timeline for a fix and will update this story when we hear back from the security team. But in the meantime, Wiz recommends immediately disabling open-registration (if it’s not required) and limiting internet exposure by placing self-hosted Git services behind a VPN.

Also, be on the lookout for newly created repositories with random 8-character names or unexpected usage of the PutContents API. 

The researchers published a full list of indicators of compromise, so give those a read, too. ®
