Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2011-3187Improper Input Validation in Project Actionpack

CWE-20Improper Input Validation8 documents7 sources
Severity
4.3MEDIUMNVD
EPSS
9.0%
top 7.35%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
2
Actionpack Project ActionpackRubyonrails Rails
Timeline
PublishedAug 29
Latest updateOct 24

Description

The to_s method in actionpack/lib/action_dispatch/middleware/remote_ip.rb in Ruby on Rails 3.0.5 does not validate the X-Forwarded-For header in requests from IP addresses on a Class C network, which might allow remote attackers to inject arbitrary text into log files or bypass intended address parsing via a crafted header.

CVSS vector

AV:N/AC:M/C:N/I:P/A:NExploitability: 8.6 | Impact: 2.9

Affected Packages2 packages

RubyGemsactionpack_project/actionpack2.3.02.3.13

Patches

Patch: www.openwall.comPatch: www.openwall.comPatch: www.openwall.com

🔴Vulnerability Details

4
GHSA
actionpack Improper Input Validation vulnerability2017-10-24
OSV
actionpack Improper Input Validation vulnerability2017-10-24
CVEList
CVE-2011-3187: The to_s method in actionpack/lib/action_dispatch/middleware/remote_ip2011-08-29
OSV
CVE-2011-3187: The to_s method in actionpack/lib/action_dispatch/middleware/remote_ip2011-08-29

💥Exploits & PoCs

1
Exploit-DB
Ruby on Rails 3.0.5 - 'WEBrick::HTTPRequest' Module HTTP Header Injection2011-02-16

📋Vendor Advisories

1
Debian
CVE-2011-3187: rails - The to_s method in actionpack/lib/action_dispatch/middleware/remote_ip.rb in Rub...2011

💬Community

1
Bugzilla
CVE-2011-3187 rubygem-actionpack: does not validate X-Forwarded-For header in requests from class C networks2011-08-30
CVE-2011-3187 — Improper Input Validation | cvebase