Ruby CVEs
Π‘ΠΏΠΈΡΠΎΠΊ CVEs: https://www.ruby-lang.org/ru/security/
Deserialization
CVE-2020-8165 Deserialization
ΠΠΏΠΈΡΠ°Π½ΠΈΠ΅: https://hackerone.com/reports/413388
ΠΡΠΎΠ²Π΅ΡΠΊΠ°: ΠΈΡΠ΅ΠΌ Π² ΠΊΠΎΠ΄Π΅ raw: true
CVE-2020-8165 - Π΄Π΅ΡΠ΅Ρ Π² Ruby on Rails. Test Lab: https://github.com/masahiro331/CVE-2020-8165
CVE-2019-5420 Active Storage RCE Deser
Active Storage β ΠΌΠ΅Ρ Π°Π½ΠΈΠ·ΠΌ Π² Rails, ΠΎΠ±Π»Π΅Π³ΡΠ°ΡΡΠΈΠΉ Π·Π°Π³ΡΡΠ·ΠΊΡ ΡΠ°ΠΉΠ»ΠΎΠ² Π² ΠΎΠ±Π»Π°ΡΠ½ΡΠ΅ Ρ ΡΠ°Π½ΠΈΠ»ΠΈΡΠ° Π΄Π°Π½Π½ΡΡ (Amazon S3, Google Cloud Storage).
ΠΠΎΡΡΡΠΏΠ΅Π½ ΠΏΠΎ URL'Π°ΠΌ /rails/active_storage/*
ΠΠ°ΠΏΡΠΈΠΌΠ΅Ρ: /rails/active_storage/disk/<base64-message>--<sign>
PoC: https://github.com/knqyf263/CVE-2019-5420
ΠΠΎΠ»Π½ΠΎΠ΅ ΠΎΠΏΠΈΡΠ°Π½ΠΈΠ΅: https://www.zerodayinitiative.com/blog/2019/6/20/remote-code-execution-via-ruby-on-rails-active-storage-insecure-deserialization
File Read
CVE-2019-5418 File Read
link: https://github.com/mpgn/CVE-2019-5418
Analys: https://blog.pentesterlab.com/cve-2019-5418-on-waf-bypass-and-caching-10e93f9a1981
Π‘ΡΡΡ: Π² Accept ΡΡΠ°Π²ΠΈΠΌ:
Last updated