0.0004 Low
EPSS
Percentile
5.1%
The perform_request function in /lib/echor/backplane.rb in echor 0.1.6 Ruby Gem allows local users to inject arbitrary code by adding a semi-colon in their username or password.
perform_request
/lib/echor/backplane.rb
www.openwall.com/lists/oss-security/2014/01/31/10
github.com/rubysec/ruby-advisory-db/blob/master/gems/echor/CVE-2014-1834.yml
nvd.nist.gov/vuln/detail/CVE-2014-1834