Name | rails_accept_readfile |
---|---|
CVE | CVE-2019-5418 Exploit Pack |
VENDOR: Rails | |
NOTES: |
The vulnerability resides in Action View, in combination with calls to `render file:` in a controller.
In the corresponding text field, enter the path to the controller that uses `render file:`
in a similar way to the code below:
```ruby
class HelloController < ApplicationController
  def index
    render file: "#{Rails.root}/some/file"
  end
end
```
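
To audit a code base for the controller pattern shown above, the following Ruby script (an added example, not part of the Exploit Pack module or of Rails) lists every `render file:` call and notes whether it carries the `formats:` option that the Rails advisory linked under References gives as a workaround. The names `find_render_file_calls` and `SAMPLE_CONTROLLER` are hypothetical, the sample source is constructed, and only single-line calls are assumed.

```ruby
# Added example: flag `render file:` calls in controller source for review.
# Assumption: each render call sits on one line; multi-line calls need a real parser.

RENDER_FILE = /\brender\b.*?(?:\bfile:|:file\s*=>)/   # new-style and hash-rocket syntax
FORMATS_OPT = /\bformats:|:formats\s*=>/              # format pinned on the same call

# Returns one hash per `render file:` call: line number, pinned flag, source text.
def find_render_file_calls(source)
  findings = []
  source.each_line.with_index(1) do |line, lineno|
    # Drop trailing or full-line comments, but keep "#{...}" interpolation intact.
    code = line.sub(/(^|\s)#(?!\{).*$/, "")
    next unless code =~ RENDER_FILE
    findings << { line: lineno, pinned: !!(code =~ FORMATS_OPT), code: code.strip }
  end
  findings
end

# Constructed sample input: one unpinned call, one pinned call, one unrelated render.
SAMPLE_CONTROLLER = <<~'RUBY'
  class HelloController < ApplicationController
    def index
      render file: "#{Rails.root}/some/file"
    end

    def pinned
      render file: "#{Rails.root}/some/file", formats: [:html]
    end

    def other
      render template: "hello/other"   # not a file render
    end
  end
RUBY

if __FILE__ == $PROGRAM_NAME
  find_render_file_calls(SAMPLE_CONTROLLER).each do |f|
    status = f[:pinned] ? "formats pinned" : "REVIEW: no formats option"
    puts "line #{f[:line]}: #{status}: #{f[:code]}"
  end
end
```

A call reported without a pinned format is a candidate for review, not proof that the application is exploitable; upgrading Rails as the advisory directs remains the actual fix.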
Vulnerable Rails versions:
Tested on:
Repeatability: Infinite
References: https://groups.google.com/forum/#!topic/rubyonrails-security/pFRKI96Sm8Q
CVE Url: http://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-5418
Date public: 13/03/2019