CVE-2013-0333

Rails < 2.3.16 - SQL Injection

Description

lib/active_support/json/backends/yaml.rb in Ruby on Rails 2.3.x before 2.3.16 and 3.0.x before 3.0.20 does not properly convert JSON data to YAML data for processing by a YAML parser, which allows remote attackers to execute arbitrary code, conduct SQL injection attacks, or bypass authentication via crafted data that triggers unsafe decoding, a different vulnerability than CVE-2013-0156.

Exploits (4)

exploitdb · WORKING POC · VERIFIED
by Metasploit · tags: ruby, remote, multiple
https://www.exploit-db.com/exploits/24434

nomisec · SCANNER · 2 stars
by heroku · tags: poc
https://github.com/heroku/heroku-CVE-2013-0333

metasploit · SCANNER
by jjarmoc, hdm · tags: ruby, poc
https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/http/rails_json_yaml_scanner.rb

metasploit · WORKING POC · EXCELLENT
by jjarmoc, egypt, lian · tags: ruby, poc, ruby
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/rails_json_yaml_code_exec.rb

Scores

EPSS 0.9194
EPSS Percentile 99.7%

Details

Status published
Products (26)
rubygems/activesupport 2.3.2 - 2.3.16 (RubyGems)
rubyonrails/rails 2.3.0
rubyonrails/rails 2.3.1
rubyonrails/rails 2.3.2
rubyonrails/rails 2.3.3
rubyonrails/rails 2.3.4
rubyonrails/rails 2.3.9
rubyonrails/rails 2.3.10
rubyonrails/rails 2.3.11
rubyonrails/rails 2.3.12
... and 16 more
Published Jan 30, 2013
Tracked Since Feb 18, 2026