CVE-2013-6421: sprout Arbitrary Code Execution vulnerability

CVSS Score: 7.5

Basic Information

EPSS Score: 0.78243%
Published: 10/24/2017
Updated: 11/5/2023
KEV Status: No
Technology: Ruby

Technical Details

CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Package Name: sprout
Ecosystem: rubygems
Vulnerable Versions: = 0.7.246
First Patched Version: (not listed)

Vulnerability Intelligence
Root Cause Analysis

The vulnerability documentation explicitly identifies the unpack_zip function in archive_unpacker.rb as the source. The code uses %x() to execute a raw shell command string with interpolated parameters derived from user inputs (zip_file and dir). File.expand_path and File.basename normalise paths but do not strip or quote shell metacharacters, so a crafted filename or directory name reaches the unzip command and is parsed by the shell. Multiple sources (CVE, GHSA, and researcher analysis) confirm this pattern matches CWE-94 code injection.
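The following Ruby snippet is an added illustration of the pattern described above; it is not code from this page or from the sprout gem. It reconstructs the shape of the flaw (a command string built by interpolation and handed to a shell) next to the hardened form (an argument vector passed to Open3, so no shell is involved), using a constructed archive name that contains a space and an ampersand. The helper names (vulnerable_command_string, safe_unzip_argv, unpack_zip_safely, escaped_command_string, shell_word_count) and the sample paths are assumptions made for the example.

```ruby
require "open3"
require "shellwords"

# Constructed sample input (not from the page): an ordinary archive name with
# a space and an ampersand, both of which a POSIX shell treats specially.
SAMPLE_ZIP = "my notes & drafts.zip"
SAMPLE_DIR = "extracted"

# Hypothetical reconstruction of the vulnerable shape: one command string built
# by interpolation. Ruby's %x()/backticks hand such a string to /bin/sh whenever
# it contains shell metacharacters, and File.expand_path leaves those characters
# untouched, so this string is exactly what the shell would parse.
def vulnerable_command_string(zip_file, dir)
  "unzip -o #{File.expand_path(zip_file)} -d #{File.expand_path(dir)}"
end

# Hardened form: an argument vector. Each element reaches execve() as a single
# argument, so spaces, '&', ';' and '$' inside a path are plain characters.
def safe_unzip_argv(zip_file, dir)
  ["unzip", "-o", File.expand_path(zip_file), "-d", File.expand_path(dir)]
end

# Runs the hardened form. Open3.capture3 with several arguments uses the argv
# form of Process.spawn, so no shell is consulted at any point.
def unpack_zip_safely(zip_file, dir)
  out, err, status = Open3.capture3(*safe_unzip_argv(zip_file, dir))
  raise "unzip failed (#{status.exitstatus}): #{err}" unless status.success?
  out
end

# Fallback when a shell string is genuinely unavoidable: Shellwords.escape
# quotes every metacharacter so the shell sees each path as one word.
def escaped_command_string(zip_file, dir)
  "unzip -o #{Shellwords.escape(File.expand_path(zip_file))} " \
    "-d #{Shellwords.escape(File.expand_path(dir))}"
end

# Shows how a shell would tokenise a command string, without executing it.
# The unescaped string splits the archive name into several words; the escaped
# string keeps it as one.
def shell_word_count(command)
  Shellwords.split(command).length
end

if __FILE__ == $0
  puts "vulnerable: #{vulnerable_command_string(SAMPLE_ZIP, SAMPLE_DIR)}"
  puts "escaped:    #{escaped_command_string(SAMPLE_ZIP, SAMPLE_DIR)}"
  p safe_unzip_argv(SAMPLE_ZIP, SAMPLE_DIR)
end
```

The argv form is the fix to prefer: it removes the shell from the call path entirely, so there is nothing to escape and nothing for a filename to inject into. Shellwords.escape is only a mitigation for code that cannot yet be restructured.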

WAF Protection Rules

WAF Rule

The `unpack_zip` function in `archive_unpacker.rb` in the sprout gem 0.7.246 for Ruby allows context-dependent attackers to execute arbitrary commands via shell metacharacters in a (1) filename or (2) path.
