Rails Dynamic Render 远程命令执行漏洞 (CVE-2016-0752)

Basic Fields

SSV ID:
SSV-90633
Find Time:
2015-12-16
Submit Time:
2016-01-27
Level:
Category:
命令执行
Component:
Ruby on Rails
Author:
Unknown
Submitter:
Knownsec
CVE-ID:
CVE-2016-0752
CNNVD-ID:
Add
CNVD-ID:
Add
ZoomEye Dork:
Add

Source

Detail

Contributor Knownsec Got  0KB
Loading icon
have 0  exchange

PoC (非 pocsuite 插件)

Contributor Knownsec totally have   0KB

have 0 Exchange

Reference Linking

Solutions

Temp Solutions

Official Solution

Defense Solutions

Unavailable Defense Solutions

Popularity 3180
Need to bind phone before comment. Bind Now

All Comments (1)

  • Most importantly, apply the patch for your specific version of Rails.
    1F

※Any content provided by this site, only to learn the code and services, not for illegal purposes