CVE-2013-1948: md2pdf allows context-dependent attackers to execute arbitrary commands via shell metacharacters in a filename

CVSS Score: 10

Basic Information

EPSS Score: 0.74922%
CWE: -
Published: 10/24/2017
Updated: 11/10/2023
KEV Status: No
Technology: Ruby

Technical Details

CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Package Name   Ecosystem   Vulnerable Versions   First Patched Version
md2pdf         rubygems    <= 0.0.1

Vulnerability Intelligence
Miggo AI Root Cause Analysis

The CVE description states that converter.rb in md2pdf allows command injection via filenames, which indicates that the file contains a function passing user-controlled filenames into shell commands without sanitization. The most probable location is the main conversion function (likely named 'convert') that processes filenames. Ruby's common command-execution idioms (system with a single command string, or backticks) hand that string to a shell when it contains metacharacters, so interpolating an untrusted filename into the string lets metacharacters in the name be parsed as shell syntax rather than as part of the filename. The exact code is not available, but the CVE description and the file path provide strong contextual evidence.
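The following is an added example, not md2pdf's own code, that contrasts the two Ruby command-execution shapes the analysis refers to: the filename spliced into a single command string (the vulnerable pattern, shown but never executed here) beside the argv-array form in which Ruby skips the shell and the name reaches the child process as one literal argument. The tool name `pdf-converter`, the `.md`/`.pdf` naming and the sample filename are constructed placeholders.

```ruby
require 'open3'
require 'rbconfig'
require 'shellwords'

# Characters that let a filename escape a command string once a shell parses it.
SHELL_META = /[;&|`$()<>\s'"\\*?\[\]{}!#~]/.freeze

# Placeholder for whatever external converter md2pdf invokes (assumption).
PDF_TOOL = 'pdf-converter'.freeze

def output_name(md_file)
  md_file.sub(/\.md\z/, '.pdf')
end

# Vulnerable shape: one string that /bin/sh will tokenise, so ';', '|' or
# '$(...)' inside the filename become commands. Returned, never executed.
def interpolated_command(md_file)
  "#{PDF_TOOL} #{md_file} #{output_name(md_file)}"
end

# Hardened shape: an argv array. system(*argv) / Open3.capture2(*argv) with
# more than one element exec the program directly, bypassing the shell.
def converter_argv(md_file)
  [PDF_TOOL, md_file, output_name(md_file)]
end

# If a single command string is unavoidable, quote every word first.
def quoted_command(md_file)
  Shellwords.join(converter_argv(md_file))
end

# Cheap pre-check for logging or rejecting names that carry shell syntax.
def suspicious_filename?(name)
  !(name =~ SHELL_META).nil?
end

# Demonstrates the argv form end to end: a child Ruby echoes ARGV[0], which
# arrives byte-for-byte intact even though the name contains ';' and a space.
def echo_via_argv(name)
  out, _status = Open3.capture2(RbConfig.ruby, '-e', 'print ARGV[0]', name)
  out
end

if $PROGRAM_NAME == __FILE__
  name = 'notes;echo injected.md' # constructed sample input
  puts interpolated_command(name) # shell would see three commands/words here
  puts quoted_command(name)       # metacharacters backslash-escaped
  p converter_argv(name)          # filename stays one array element
  puts echo_via_argv(name)        # child receives the literal filename
  puts suspicious_filename?(name) # true
end
```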

WAF Protection Rules

WAF Rule

`converter.rb` in the md2pdf gem 0.0.1 for Ruby allows context-dependent attackers to execute arbitrary commands via shell metacharacters in a filename.
