10

CVSS Score

3.1

Basic Information

CVE ID

CVE-2022-30123

GHSA ID

GHSA-wq4h-7r42-5hrr

EPSS Score

0.83931%

CWE

CWE-150

Published

5/27/2022

Updated

12/17/2023

KEV Status

Technology

Ruby

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2022-30123

CVE-2022-30123:
Possible shell escape sequence injection vulnerability in Rack

There is a possible shell escape sequence injection vulnerability in the Lint and CommonLogger components of Rack. This vulnerability has been assigned the CVE identifier CVE-2022-30123.

Versions Affected: All. Not affected: None Fixed Versions: 2.0.9.1, 2.1.4.1, 2.2.3.1

Impact

Carefully crafted requests can cause shell escape sequences to be written to the terminal via Rack's Lint middleware and CommonLogger middleware. These escape sequences can be leveraged to possibly execute commands in the victim's terminal.

Impacted applications will have either of these middleware installed, and vulnerable apps may have something like this:

use Rack::Lint

use Rack::CommonLogger

All users running an affected release should either upgrade or use one of the workarounds immediately.

Workarounds

Remove these middleware from your application

(GitHub Advisory)

10

CVSS Score

3.1

Basic Information

CVE ID

CVE-2022-30123

GHSA ID

GHSA-wq4h-7r42-5hrr

EPSS Score

0.83931%

CWE

CWE-150

Published

5/27/2022

Updated

12/17/2023

KEV Status

Technology

Ruby

Technical Details

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
rack	rubygems	<= 2.0.9.0	2.0.9.1
rack	rubygems	>= 2.1, <= 2.1.4.0	2.1.4.1
rack	rubygems	>= 2.2, <= 2.2.3.0	2.2.3.1

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The GitHub commit diff shows critical changes in these two components:

In CommonLogger, a gsub! was added to escape non-printable characters in log messages
In Lint, .dump was added to sanitize REQUEST_METHOD values in error messages These changes directly address CWE-150 (escape sequence injection) by adding proper sanitization where user-controlled data (HTTP method) was being output to logs/errors. The vulnerability description explicitly names these middleware components as the attack vectors.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

T**r* is * possi*l* s**ll *s**p* s*qu*n** inj**tion vuln*r**ility in t** Lint *n* *ommonLo***r *ompon*nts o* R**k. T*is vuln*r**ility **s ***n *ssi*n** t** *V* i**nti*i*r *V*-****-*****. V*rsions *****t**: *ll. Not *****t**: Non* *ix** V*rsi

Reasoning

T** *it*u* *ommit *i** s*ows *riti**l ***n**s in t**s* two *ompon*nts: *. In *ommonLo***r, * *su*! w*s ***** to *s**p* non-print**l* ***r**t*rs in lo* m*ss***s *. In Lint, .*ump w*s ***** to s*nitiz* R*QU*ST_M*T*O* v*lu*s in *rror m*ss***s T**s* ***n

10

Basic Information

Concerned about an active attack path?

CVE-2022-30123: Possible shell escape sequence injection vulnerability in Rack

Impact

Workarounds

10

Basic Information

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

CVE-2022-30123:
Possible shell escape sequence injection vulnerability in Rack

Vulnerability Intelligence
Miggo AI