Strike ID:
E19-0uvu1
CVSS:
7.8 (AV:N/AC:L/Au:N/C:C/I:N/A:N)
False Positive:
t
Variants:
4
Year:
2019

Description

This strike replicates an attack on Ruby on Rails that leads to arbitrary file disclosure. The vulnerability stems from the lack of validation of the Accept header: the format tokens parsed from it are passed to the template renderer (template_renderer.rb) and used to build the path of the template file to be rendered. By exploiting this, a remote unauthenticated attacker may read arbitrary files on the host system.

CVE

References

MSB

BID

ExploitDB

Secunia

Security Tracker

Metasploit

ZDI

Google

OSVDB
