6.1

CVSS Score

3.1

Basic Information

CVE ID

CVE-2021-22881

GHSA ID

GHSA-8877-prq4-9xfw

EPSS Score

0.90965%

CWE

CWE-601

Published

3/2/2021

Updated

7/3/2023

KEV Status

Technology

Ruby

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2021-22881

CVE-2021-22881: Actionpack Open Redirect Vulnerability

The Host Authorization middleware in Action Pack before 6.1.2.1, 6.0.3.5 suffers from an open redirect vulnerability. Specially crafted Host headers in combination with certain "allowed host" formats can cause the Host Authorization middleware in Action Pack to redirect users to a malicious website.

(GitHub Advisory)

6.1

CVSS Score

3.1

Basic Information

CVE ID

CVE-2021-22881

GHSA ID

GHSA-8877-prq4-9xfw

EPSS Score

0.90965%

CWE

CWE-601

Published

3/2/2021

Updated

7/3/2023

KEV Status

Technology

Ruby

Technical Details

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
actionpack	rubygems	>= 6.0.0, <= 6.0.3.4	6.0.3.5
actionpack	rubygems	>= 6.1.0, <= 6.1.2.0	6.1.2.1

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerability stems from improper host validation in the HostAuthorization middleware. The commit b5de7b3 shows the fix involved adding strict regex validation (/\A(?<host>[a-z0-9.-]+|[[a-f0-9]*:[a-f0-9.:]+])(:\d+)?\z/i) to the authorized? method. The pre-patch version lacked proper escaping and domain validation, allowing subdomain wildcard matches (via .example.com patterns) to be exploited with crafted Host headers. The test case added in host_authorization_test.rb specifically verifies protection against hostnames with invalid characters like '#', confirming the function's role in the vulnerability.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

T** *ost *ut*oriz*tion mi**l*w*r* in **tion P**k ***or* *.*.*.*, *.*.*.* su***rs *rom *n op*n r**ir**t vuln*r**ility. Sp**i*lly *r**t** `*ost` *****rs in *om*in*tion wit* **rt*in "*llow** *ost" *orm*ts **n **us* t** *ost *ut*oriz*tion mi**l*w*r* in *

Reasoning

T** vuln*r**ility st*ms *rom improp*r *ost v*li**tion in t** *ost*ut*oriz*tion mi**l*w*r*. T** *ommit ******* s*ows t** *ix involv** ***in* stri*t r***x v*li**tion (/\*(?<*ost>[*-z*-*.-]+|\[[*-**-*]*:[*-**-*.:]+\])(:\*+)?\z/i) to t** *ut*oriz**? m*t*

6.1

Basic Information

Concerned about an active attack path?

CVE-2021-22881: Actionpack Open Redirect Vulnerability

6.1

Basic Information

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability Intelligence
Miggo AI