Description

A vulnerability exists in versions of Rails prior to 5.0.1 that would allow an attacker who controlled the locals argument of a render call to acheive remote code execution. This vulnerability has been assigned the CVE identifier CVE-2020-8163.

Remediation

Users of Rails 5.0 should upgrade to a version >= 5.0.1. This release is already available on RubyGems.

Workaround: Until such time as the patch can be applied, application developers should ensure that all user-provided local names are alphanumeric.

References

[CVE-2020-8163] Potential remote code execution of user-provided local names in Rails < 5.0.1

Related Vulnerabilities

WordPress Plugin wp heyloyalty Remote Code Execution (1.1.4)

Drupal Core 8.6.x Remote Code Execution (8.6.0 - 8.6.9)

Remote Code Execution (RCE) in Spring Security OAuth

WordPress Plugin Zingiri Web Shop 'ajax_save_name.php' Remote Code Execution (2.2.3)

WordPress Plugin Jekyll Exporter Remote Code Execution (2.2.0)

Severity

High

Classification

CVE-2020-8163 CWE-94 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Tags

Code Execution Acumonitor