CVE-2006-4111: Ruby on Rails vulnerable to code injection

CVSS Score: 7.5

Basic Information

EPSS Score: 0.82375%
Published: 10/24/2017
Updated: 11/9/2023
KEV Status: No
Technology: Ruby

Technical Details

CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Package Name: rails
Ecosystem: rubygems
Vulnerable Versions: >= 1.1.0, < 1.1.6
First Patched Version: 1.1.6

Vulnerability Intelligence
Root Cause Analysis

The vulnerability centers on improper handling of HTTP headers that affect LOAD_PATH. Key evidence includes:

  1. The Gentoo advisory explicitly mentions that the issue was in the action_controller/ components that handle user input and LOAD_PATH.
  2. Historical analysis from presidentbeef/rails-security-history points to file-loading behavior in the routing layer that could execute arbitrary code.
  3. The CWE-94 classification confirms code injection via controlled input.
  4. The Rails 1.1.6 patch would have needed to address how request parameters influence the Ruby environment. The Request#parameters method is central to processing HTTP input in Rails, making it the most likely candidate for the vulnerable path modification logic.

WAF Protection Rules

WAF Rule

Ruby on Rails before *.*.* allows remote attackers to execute Ruby code with "severe" or "serious" impact via a File Upload request with an HTTP header that modifies the LOAD_PATH variable, a different vulnerability than CVE-****-****.