GitHub Advisory DatabaseGHSA-WWMF-6P58-6VJ2Remote code execution in rwiki
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.012 Low
EPSS
Percentile
84.9%
The editing form in RWiki 2.1.0pre1 through 2.1.0 allows remote attackers to execute arbitrary Ruby code via unknown attack vectors.
Affected configurations
References
secunia.com/advisories/20264
www.vupen.com/english/advisories/2006/1949
exchange.xforce.ibmcloud.com/vulnerabilities/26668
github.com/advisories/GHSA-wwmf-6p58-6vj2
github.com/rubysec/ruby-advisory-db/blob/master/gems/rwiki/CVE-2006-2582.yml
nvd.nist.gov/vuln/detail/CVE-2006-2582
web.archive.org/web/20090501134922/www2a.biglobe.ne.jp/~seki/ruby/rwiki.html
Related
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.012 Low
EPSS
Percentile
84.9%