| Title | Published | Views | Family |
|---|---|---|---|
| Ruby on Rails 4.0.x / 4.1.x / 4.2.x (Web Console v2) - Whitelist Bypass Code Execution Exploit | 23 Mar 2017 00:00 | – | zdt |
| Exploit for Improper Access Control in Rubyonrails Web_Console | 3 May 2018 07:41 | – | githubexploit |
| Exploit for Improper Access Control in Rubyonrails Web_Console | 9 Jan 2026 16:49 | – | githubexploit |
| CVE-2015-3224 | 16 Jun 2015 00:00 | – | circl |
| Web Console Remote Code Execution Vulnerability | 26 Jun 2015 00:00 | – | cnvd |
| CVE-2015-3224 | 26 Jul 2015 22:00 | – | cve |
| CVE-2015-3224 | 26 Jul 2015 22:00 | – | cvelist |
| rubygem-rails -- multiple vulnerabilities | 16 Jun 2015 00:00 | – | freebsd |
| Ruby on Rails 4.0.x/4.1.x/4.2.x (Web Console v2) - Whitelist Bypass Code Execution (Metasploit) | 16 Jun 2015 00:00 | – | exploitdb |
| [SECURITY] Fedora 22 Update: rubygem-web-console-2.1.3-1.fc22 | 30 Jun 2015 00:01 | – | fedora |
```yaml
id: CVE-2015-3224

info:
  name: Ruby on Rails Web Console - Remote Code Execution
  author: pdteam
  severity: medium
  description: Ruby on Rails Web Console before 2.1.3, as used with Ruby on Rails 3.x and 4.x, does not properly restrict the use of X-Forwarded-For headers in determining a client's IP address, which allows remote attackers to bypass the whitelisted_ips protection mechanism via a crafted request to request.rb.
  impact: |
    A client that passes the whitelist gets the console's interactive Ruby session on the error page, so the bypass gives remote code execution in the application process, with everything that entails: unauthorized access, data theft and full compromise of the host.
  remediation: |
    Upgrade the web-console gem to 2.1.3 or later. Upgrading Rails alone does not fix it. Web Console is a development tool and should not be loaded in deployed environments at all.
  reference:
    - https://www.metahackers.pro/rails-web-console-v2-whitelist-bypass-code-exec/
    - https://www.jomar.fr/posts/2022/basic_recon_to_rce_ii/
    - https://hackerone.com/reports/44513
    - https://nvd.nist.gov/vuln/detail/CVE-2015-3224
    - http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160881.html
  classification:
    cvss-metrics: CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:P/A:N
    cvss-score: 4.3
    cve-id: CVE-2015-3224
    cwe-id: CWE-284
    epss-score: 0.45534
    epss-percentile: 0.98633
    cpe: cpe:2.3:a:rubyonrails:web_console:*:*:*:*:*:*:*:*
  metadata:
    max-request: 1
    vendor: rubyonrails
    product: web_console
  tags: cve2015,cve,ruby,hackerone,rce,rails,intrusive,rubyonrails,vuln

http:
  - method: GET
    path:
      - "{{BaseURL}}/{{randstr}}"

    # A random path forces a routing error so the console renders on the
    # exception page; the spoofed loopback address is what defeats whitelisted_ips.
    headers:
      X-Forwarded-For: "::1"

    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - "Rails.root:"
          - "Action Controller: Exception caught"
        condition: and

      - type: word
        part: response
        words:
          - X-Web-Console-Session-Id
          - data-remote-path=
          - data-session-id=
        case-insensitive: true
        condition: or
# digest: 4b0a00483046022100f296a2493bc734c4ba5dd3d33bed2d547dd00f2ff12e8a0fc4fdfd9bb5a23b1b0221008b97ca5c78c36bdeae23ffffe161b7a4e15c63d8827a3da8a2202fa4e2313c0d:922c64590222798bb761d5b6d8e72950
```
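To show what the `X-Forwarded-For: ::1` header in the template actually defeats, here is an added Ruby example; it is neither web-console's code nor part of the template. It models the console's allow-list check two ways: the vulnerable variant derives the client address the way Rails' `request.remote_ip` does, preferring X-Forwarded-For, while the hardened variant starts from the TCP peer (`REMOTE_ADDR`) and only walks X-Forwarded-For through proxies it has been told to trust. The Rack-style env hashes, the `TRUSTED_PROXIES` list and the `10.0.0.2` proxy address are constructed for this example.

```ruby
# Added example modelling the CVE-2015-3224 allow-list bypass. Not web-console
# code: a standalone reconstruction of the two ways a loopback-only check can
# pick the client address.
require 'ipaddr'

# Loopback-only allow list, matching web-console's default whitelisted_ips.
WHITELISTED_IPS = %w[127.0.0.1 ::1].map { |ip| IPAddr.new(ip) }.freeze

# Assumption for this example: no reverse proxy in front of the app, so no
# peer may set X-Forwarded-For on a client's behalf.
TRUSTED_PROXIES = [].freeze

def parse_ip(str)
  s = str.to_s.strip
  return nil if s.empty?
  IPAddr.new(s)
rescue ArgumentError # IPAddr::InvalidAddressError and friends derive from it
  nil
end

def in_list?(list, str)
  ip = parse_ip(str)
  !ip.nil? && list.any? { |net| net.include?(ip) }
end

# Vulnerable: takes the leftmost X-Forwarded-For entry whenever the header is
# present, as request.remote_ip does, so any client can claim to be ::1.
def spoofable_client_ip(env)
  xff = env['HTTP_X_FORWARDED_FOR'].to_s
  return env['REMOTE_ADDR'] if xff.strip.empty?
  xff.split(',').first.strip
end

# Hardened: begin at the TCP peer; only if that peer is one of our proxies,
# walk X-Forwarded-For right-to-left and stop at the first hop that is not a
# proxy. An untrusted peer's header is never consulted.
def strict_client_ip(env, trusted_proxies = TRUSTED_PROXIES)
  peer = env['REMOTE_ADDR']
  return peer unless in_list?(trusted_proxies, peer)
  env['HTTP_X_FORWARDED_FOR'].to_s.split(',').map(&:strip).reverse_each do |hop|
    return hop if parse_ip(hop) && !in_list?(trusted_proxies, hop)
  end
  peer
end

def console_allowed_vulnerable?(env)
  in_list?(WHITELISTED_IPS, spoofable_client_ip(env))
end

def console_allowed_fixed?(env, trusted_proxies = TRUSTED_PROXIES)
  in_list?(WHITELISTED_IPS, strict_client_ip(env, trusted_proxies))
end

# Constructed Rack-style envs: the template's request as the app sees it, an
# honest local developer, and a request arriving via a proxy that appends the
# real client address after the attacker-supplied "::1".
ATTACKER_ENV = { 'REMOTE_ADDR' => '203.0.113.7', 'HTTP_X_FORWARDED_FOR' => '::1' }.freeze
LOCAL_ENV    = { 'REMOTE_ADDR' => '127.0.0.1' }.freeze
PROXIED_ENV  = { 'REMOTE_ADDR' => '10.0.0.2', 'HTTP_X_FORWARDED_FOR' => '::1, 203.0.113.7' }.freeze
EXAMPLE_PROXIES = [IPAddr.new('10.0.0.2')].freeze

if __FILE__ == $PROGRAM_NAME
  puts "attacker, vulnerable check: #{console_allowed_vulnerable?(ATTACKER_ENV)}"            # true
  puts "attacker, fixed check:      #{console_allowed_fixed?(ATTACKER_ENV)}"                 # false
  puts "local dev, fixed check:     #{console_allowed_fixed?(LOCAL_ENV)}"                    # true
  puts "via proxy, vulnerable:      #{console_allowed_vulnerable?(PROXIED_ENV)}"             # true
  puts "via proxy, fixed:           #{console_allowed_fixed?(PROXIED_ENV, EXAMPLE_PROXIES)}" # false
end
```

The proxied case also shows the remaining dependency of the hardened check: it is only sound if the proxy appends the peer address to X-Forwarded-For. A proxy that forwards the client-supplied header untouched would hand `::1` to the application and the check would pass again.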