Description
Cloud CLI (aka Claude Code UI) is a desktop and mobile UI for Claude Code, Cursor CLI, Codex, and Gemini-CLI. Prior to 1.24.0, the /api/user/git-config endpoint constructs shell commands by interpolating user-supplied gitName and gitEmail values into command strings passed to child_process.exec(). The input is placed within double quotes and only " is escaped, but backticks (`), $() command substitution, and \ sequences are all interpreted within double-quoted strings in bash. This allows authenticated attackers to execute arbitrary OS commands via the git configuration endpoint. This vulnerability is fixed in 1.24.0.
Published: 2026-03-11
Score: 8.7 High
EPSS: < 1% Very Low
KEV: No
Impact: Remote Code Execution
Action: Immediate Patch
AI Analysis

Impact

The vulnerability resides in the /api/user/git-config endpoint of Cloud CLI UI, which builds shell commands by interpolating user-supplied gitName and gitEmail values into child_process.exec() calls. Because only the double-quote character is escaped, backticks, $(), and backslashes are interpreted by Bash, enabling an authenticated attacker to inject and execute arbitrary OS commands. This results in remote code execution, giving the attacker full control over the system where the UI runs.

Affected Systems

The issue affects the Siteboon:Claudecodeui product, specifically all releases prior to version 1.24.0. Any installation of the desktop or mobile UI that has not been upgraded to 1.24.0 or later is vulnerable.

Risk and Exploitability

The CVSS score of 8.7 indicates high severity, and the EPSS score of less than 1% suggests the likelihood of widespread exploitation is currently low. The vulnerability is not listed in the CISA KEV catalog. Exploitation requires authentication to the API, so an attacker must first compromise a legitimate user account. Once authenticated, the attacker can send a crafted request to the git-config endpoint to execute arbitrary commands on the host machine.

Generated by OpenCVE AI on March 17, 2026 at 20:44 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Cloud CLI UI to version 1.24.0 or newer.

Advisories
  • Source: GitHub GHSA; ID: GHSA-7fv4-fmmc-86g2; Title: @siteboon/claude-code-ui is Vulnerable to Shell Command Injection in Git Routes
History

Tue, 17 Mar 2026 19:15:00 +0000

Values added (nothing removed):
  • First Time appeared: Cloudcli; Cloudcli cloud Cli
  • CPEs: cpe:2.3:a:cloudcli:cloud_cli:*:*:*:*:*:*:*:*
  • Vendors & Products: Cloudcli; Cloudcli cloud Cli
  • Metrics: cvssV3_1 {'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}


Thu, 12 Mar 2026 14:15:00 +0000

Values added (nothing removed):
  • Metrics: ssvc {'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Thu, 12 Mar 2026 10:15:00 +0000

Values added (nothing removed):
  • First Time appeared: Siteboon; Siteboon claudecodeui
  • Vendors & Products: Siteboon; Siteboon claudecodeui

Wed, 11 Mar 2026 17:45:00 +0000

Values added (nothing removed):
  • Description: Cloud CLI (aka Claude Code UI) is a desktop and mobile UI for Claude Code, Cursor CLI, Codex, and Gemini-CLI. Prior to 1.24.0, the /api/user/git-config endpoint constructs shell commands by interpolating user-supplied gitName and gitEmail values into command strings passed to child_process.exec(). The input is placed within double quotes and only " is escaped, but backticks (`), $() command substitution, and \ sequences are all interpreted within double-quoted strings in bash. This allows authenticated attackers to execute arbitrary OS commands via the git configuration endpoint. This vulnerability is fixed in 1.24.0.
  • Title: Shell Command Injection in Git Routes [CloudCLI UI]
  • Weaknesses: CWE-94
  • References
  • Metrics: cvssV4_0 {'score': 8.7, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}


MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-03-12T14:07:17.766Z

Reserved: 2026-03-09T19:02:25.012Z

Link: CVE-2026-31861

Vulnrichment

Updated: 2026-03-12T14:07:04.043Z

NVD

Status : Analyzed

Published: 2026-03-11T18:16:24.887

Modified: 2026-03-17T19:06:41.493

Link: CVE-2026-31861

Red Hat

No data.

OpenCVE Enrichment

Updated: 2026-03-20T15:30:17Z

Weaknesses