EXPLOITDB-EDB-40561

EXPLOITDB ruby VERIFIED WORKING POC

Exploit for CVE-2016-0752 - Ruby on Rails Dynamic Render File Upload Remote Code Execution

AI Analysis

This Metasploit module exploits CVE-2016-0752, a remote code execution vulnerability in Ruby on Rails' dynamic render method. It uploads a malicious file via a POST request and triggers execution by manipulating the render path.

Attack Type

RCE

Complexity

moderate

Reliability

reliable

MITRE ATT&CK

T1189 - Drive-by Compromise T1203 - Exploitation for Client Execution

Loading exploit code...

Download ZIP Password: eip

Source

Platform Exploitdb

Type remote

Platform multiple

Language ruby

Files 1

https://www.exploit-db.com/exploits/40561

Authors

Metasploit mr_me John Poulin

Vulnerability

CVE-2016-0752

Ruby on Rails Dynamic Render File Upload Remote Code Execution

HIGH KEV

CVSS 7.5