CVE-2021-31810
published 2021-07-13

Priority: P433, medium, 5.8 (CVSS 3.1)
Vector: AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
EPSS: 3.05% (85.9th percentile)

An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, and 3.x through 3.0.1. A malicious FTP server can use the PASV response to trick Net::FTP into connecting back to a given IP address and port. This potentially makes curl extract information about services that are otherwise private and not disclosed (e.g., the attacker can conduct port scans and service banner extractions).

Affected

10 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | | |
| debian | jruby | < jruby 9.3.9.0+ds-1 (bookworm) | jruby 9.3.9.0+ds-1 (bookworm) |
| debian | ruby2.7 | < jruby 9.3.9.0+ds-1 (bookworm) | jruby 9.3.9.0+ds-1 (bookworm) |
| jruby | jruby | >= 0 < 9.3.9.0+ds-1 | 9.3.9.0+ds-1 |
| jruby | jruby | >= 0 < 9.3.9.0+ds-1 | 9.3.9.0+ds-1 |
| jruby | jruby | >= 0 < 9.3.9.0+ds-1 | 9.3.9.0+ds-1 |
| oracle | jd_edwards_enterpriseone_tools | < 9.2.6.1 | 9.2.6.1 |
| ruby-lang | ruby | <= 2.6.7 | |
| ruby-lang | ruby | 2.7.0 – 2.7.3 | |
| ruby-lang | ruby | 3.0.0 – 3.0.1 | |

CVSS provenance

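| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 5.8 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N |
| nvd | v2.0 | 5.0 | MEDIUM | AV:N/AC:L/Au:N/C:P/I:N/A:N |
| osv | | 7.0 | HIGH | |
| vendor_ubuntu | | 7.0 | HIGH | |
| vendor_debian | | 5.8 | MEDIUM | |
| vendor_redhat | | 5.8 | MEDIUM | |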