
CVE-2012-2140: Mail Gem Improper Input Validation vulnerability

CVSS Score: 7.5

Basic Information

EPSS Score: 0.87374%
Published: 10/24/2017
Updated: 9/5/2023
KEV Status: No
Technology: Ruby

Technical Details

CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Package Name   Ecosystem   Vulnerable Versions   First Patched Version
mail           rubygems    < 2.4.3               2.4.3

Vulnerability Intelligence

Miggo AI Root Cause Analysis

The GitHub patch shows a critical change in sendmail.rb, where shellescape was replaced with escape_for_shell in the command string construction. The CVE description explicitly cites the sendmail and exim delivery methods, and the commit message confirms that the fix was to properly escape destinations. While exim's implementation might have similar issues, the provided evidence only directly shows the sendmail delivery method's vulnerability. The use of shellescape (Ruby's built-in Shellwords method) was insufficient in this context, leading to command injection.
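To make the root cause concrete, the following Ruby is an added example and not code from the Mail gem or its patch. It contrasts the pattern the analysis describes (recipient addresses interpolated into one command string that a shell then parses) with two defensive alternatives: an argv array that bypasses the shell entirely, and a strict recipient allow-list applied before any process is spawned. The helper names, the sendmail path and the recipient list are all hypothetical; the child process that echoes its ARGV stands in for the sendmail binary so the example runs offline.

```ruby
require "shellwords"
require "rbconfig"

# Added example, not code from the Mail gem. Constructed sample recipients:
# the second one carries shell metacharacters of the kind the CVE text
# describes. Nothing in this file ever hands it to a shell.
SAMPLE_DESTINATIONS = [
  "alice@example.org",
  "bob@example.org; echo injected",
].freeze

# Pattern to avoid: one flat string that a shell will parse. Any character a
# destination contains that the shell treats specially becomes command syntax.
def unsafe_sendmail_command(path, arguments, destinations)
  "#{path} #{arguments} #{destinations.join(' ')}"
end

# Hardened form: an argv array. IO.popen / Process.spawn with an array skip
# the shell, so every destination reaches the program as one literal argv
# element no matter which characters it contains.
def sendmail_argv(path, arguments, destinations)
  [path, *Shellwords.split(arguments), *destinations]
end

# If a single command string is unavoidable, escape every element, not just
# some of them. shelljoin quotes each word so a later shell split recovers
# exactly the original elements.
def escaped_sendmail_command(path, arguments, destinations)
  Shellwords.shelljoin([path, *Shellwords.split(arguments), *destinations])
end

# Deliberately strict allow-list (hypothetical helper, not full RFC 5322):
# a local part, "@", and a dotted domain. Whitespace, quotes, ";", "|", "$",
# backticks and similar characters are all rejected up front.
DESTINATION_PATTERN = /\A[A-Za-z0-9._%+-]+@[A-Za-z0-9-]+(\.[A-Za-z0-9-]+)+\z/

def valid_destination?(address)
  address.is_a?(String) && address.match?(DESTINATION_PATTERN)
end

def rejected_destinations(destinations)
  destinations.reject { |d| valid_destination?(d) }
end

# Shows that the argv form preserves arguments literally: a throwaway Ruby
# child process (standing in for sendmail) prints each ARGV element on its
# own line, and we read them back.
def argv_received_by_child(destinations)
  child = [RbConfig.ruby, "-e", "puts ARGV", *destinations]
  IO.popen(child, &:read).split("\n")
end

if __FILE__ == $0
  path = "/usr/sbin/sendmail" # hypothetical location
  puts "unsafe string:  " + unsafe_sendmail_command(path, "-i -t", SAMPLE_DESTINATIONS)
  puts "escaped string: " + escaped_sendmail_command(path, "-i -t", SAMPLE_DESTINATIONS)
  puts "argv form:      " + sendmail_argv(path, "-i -t", SAMPLE_DESTINATIONS).inspect
  puts "rejected:       " + rejected_destinations(SAMPLE_DESTINATIONS).inspect
  puts "child saw:      " + argv_received_by_child(SAMPLE_DESTINATIONS).inspect
end
```

Running the file prints the flat string with the injected text sitting unquoted after the legitimate address, the escaped string with every metacharacter backslash-quoted, and the child process reporting the crafted address as a single argument. The allow-list is the cheaper control: it rejects the crafted address before a delivery method is even chosen, which also covers an exim-style path should it share the same construction.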


WAF Protection Rules

WAF Rule

The Mail gem before 2.4.3 for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in a (1) sendmail or (2) exim delivery.
