Enhancement: cves/2015/CVE-2015-3224.yaml by mp
parent
84f1b2d894
commit
287ab79277
|
@ -4,15 +4,15 @@ info:
|
||||||
name: Ruby on Rails Web Console - Remote Code Execution
|
name: Ruby on Rails Web Console - Remote Code Execution
|
||||||
author: pdteam
|
author: pdteam
|
||||||
severity: critical
|
severity: critical
|
||||||
|
description: "Ruby on Rails Web Console before 2.1.3, as used with Ruby on Rails 3.x and 4.x, does not properly restrict the use of X-Forwarded-For headers in determining a client's IP address, which allows remote attackers to bypass the whitelisted_ips protection mechanism via a crafted request to request.rb."
|
||||||
reference:
|
reference:
|
||||||
- https://www.metahackers.pro/rails-web-console-v2-whitelist-bypass-code-exec/
|
- https://www.metahackers.pro/rails-web-console-v2-whitelist-bypass-code-exec/
|
||||||
- https://www.jomar.fr/posts/2022/basic_recon_to_rce_ii/
|
- https://www.jomar.fr/posts/2022/basic_recon_to_rce_ii/
|
||||||
- https://hackerone.com/reports/44513
|
- https://hackerone.com/reports/44513
|
||||||
- https://nvd.nist.gov/vuln/detail/CVE-2015-3224
|
- https://nvd.nist.gov/vuln/detail/CVE-2015-3224
|
||||||
tags: cve,cve2015,rce,rails,ruby
|
|
||||||
description: "request.rb in Web Console before 2.1.3, as used with Ruby on Rails 3.x and 4.x, does not properly restrict the use of X-Forwarded-For headers in determining a client's IP address, which allows remote attackers to bypass the whitelisted_ips protection mechanism via a crafted request."
|
|
||||||
classification:
|
classification:
|
||||||
cve-id: CVE-2015-3224
|
cve-id: CVE-2015-3224
|
||||||
|
tags: cve,cve2015,rce,rails,ruby
|
||||||
|
|
||||||
requests:
|
requests:
|
||||||
- method: GET
|
- method: GET
|
||||||
|
@ -39,3 +39,5 @@ requests:
|
||||||
- "data-session-id="
|
- "data-session-id="
|
||||||
case-insensitive: true
|
case-insensitive: true
|
||||||
condition: or
|
condition: or
|
||||||
|
|
||||||
|
# Enhanced by mp on 2022/05/10
|
||||||
|
|
Loading…
Reference in New Issue