CVE-2013-1875: Shell command injection in command_wrap

CVSS Score: N/A

Basic Information

EPSS Score: 0.71768%
Published: 10/24/2017
Updated: 11/6/2023
KEV Status: No
Technology: Ruby

Technical Details

CVSS Vector: -

Package Name: command_wrap
Ecosystem: rubygems
Vulnerable Versions: <= 0.6.2
First Patched Version: -

Vulnerability Intelligence
Miggo AI Root Cause Analysis

The vulnerability stems from two code patterns: 1) in the capture method, the user-supplied URL and target parameters are interpolated directly into a CutyCapt command string; 2) in the wkhtmltopdf invocation, the user-controlled source and target parameters are interpolated the same way. Both sites execute the assembled string with backticks (`), which hands it to /bin/sh, and neither validates or escapes the input, so shell metacharacters such as a semicolon terminate the intended command and start a new one chosen by the attacker. The pattern matches the CWE-94 description (code injection via uncontrolled command generation) under which this CVE is classified; concretely it is OS command injection (CWE-78 in CWE's own taxonomy), and multiple advisories confirm it with a semicolon-based payload. The practical fix is to keep user data out of the shell entirely: exec the binary with an argument vector (Open3.capture2 or system with multiple arguments) and, as defence in depth, restrict the URL to http(s) and the target to a fixed directory and a plain file name.
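The two patterns above (caller-controlled strings interpolated into a backtick command) and the argument-vector fix, as an added example that is not the gem's or the page's own code. vulnerable_capture and safe_capture are a hypothetical reconstruction of the shape of the bug, not the actual command_wrap source; echo stands in for CutyCapt so the run needs no external tool, and the attacker payload is constructed for the demonstration:

```ruby
require 'open3'
require 'uri'

# Stand-in for the page-capture binary (assumption: CutyCapt is not installed).
# echo prints its argv, which makes a shell breakout visible in the output.
STUB_BINARY = 'echo'.freeze

# Vulnerable pattern (hypothetical reconstruction, not the gem's own code):
# url and target are interpolated into a backtick command, which /bin/sh parses.
def vulnerable_capture(url, target, binary: STUB_BINARY)
  `#{binary} --url=#{url} --out=#{target}`
end

# Hardened pattern: the program is exec'd with an argument vector, so no shell
# ever sees ';', '|', '$(...)' or backticks inside url/target.
def safe_capture(url, target, binary: STUB_BINARY)
  out, status = Open3.capture2(binary, "--url=#{url}", "--out=#{target}")
  raise "capture failed: #{status}" unless status.success?
  out
end

# Defence in depth: accept only absolute http(s) URLs with a host.
# Returns the normalised URL string or raises ArgumentError.
def safe_url(raw)
  uri = URI.parse(raw)
  unless %w[http https].include?(uri.scheme) && uri.host && !uri.host.empty?
    raise ArgumentError, "not an http(s) URL: #{raw.inspect}"
  end
  uri.to_s
rescue URI::InvalidURIError => e
  raise ArgumentError, "malformed URL: #{e.message}"
end

# Defence in depth: the output path is a plain basename inside a fixed directory
# (directory is an assumption for the example), so no traversal or options.
def safe_target(basename, dir: '/tmp/captures')
  unless basename.match?(/\A[A-Za-z0-9_.-]+\z/) && !basename.start_with?('.')
    raise ArgumentError, "bad target name: #{basename.inspect}"
  end
  File.join(dir, basename)
end

# With echo as the binary, every shell-spliced command adds an output line,
# so more than one line means the payload broke out of the intended command.
def command_count(output)
  output.lines.size
end

if __FILE__ == $PROGRAM_NAME
  payload = 'http://example.com; echo INJECTED' # constructed attacker input
  puts "vulnerable run:\n#{vulnerable_capture(payload, 'x.png')}"
  puts "hardened run:\n#{safe_capture(payload, 'x.png')}"
end
```

Running the script shows the vulnerable call producing two lines (the second being the injected command's output) while the hardened call prints the payload verbatim as one argument. Note that safe_url alone is not a sufficient fix, since a semicolon without a space still parses as part of a host name; the argument vector is what removes the shell from the picture, and the validators only narrow what reaches the binary.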

WAF Protection Rules

WAF Rule

command_wrap.rb in the command_wrap gem for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in a URL or filename.
