CVE-2016-6317

HIGH

Ruby on Rails 4.2.x <4.2.7.1 - Info Disclosure

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2016-6317. PoCs published by kavgan.

AI-analyzed exploit summary The repository contains only a README describing CVE-2016-6317, a SQL injection vulnerability in Ruby on Rails, but lacks any functional exploit code or technical analysis. It references an external repo for additional details but provides no actionable PoC.

Description

Action Record in Ruby on Rails 4.2.x before 4.2.7.1 does not properly consider differences in parameter handling between the Active Record component and the JSON implementation, which allows remote attackers to bypass intended database-query restrictions and perform NULL checks or trigger missing WHERE clauses via a crafted request, as demonstrated by certain "[nil]" values, a related issue to CVE-2012-2660, CVE-2012-2694, and CVE-2013-0155.

Exploits (1)

nomisec STUB

by kavgan · poc

https://github.com/kavgan/vuln_test_repo_public_ruby_gemfile_cve-2016-6317

View Code ZIP pw:eip

The repository contains only a README describing CVE-2016-6317, a SQL injection vulnerability in Ruby on Rails, but lacks any functional exploit code or technical analysis. It references an external repo for additional details but provides no actionable PoC.

Classification

Stub 90%

Attack Type

Sqli

Complexity

Theoretical

Reliability

Theoretical

Target: Ruby on Rails 4.2.x before 4.2.7.1

No auth needed

Prerequisites: Ruby on Rails application with vulnerable version

MITRE ATT&CK

T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (5)

Core 5

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/92434

Mailing List, Third Party Advisory mailing-list x_refsource_mlist

http://www.openwall.com/lists/oss-security/2016/08/11/4

Vendor Advisory vendor-advisory x_refsource_redhat

http://rhn.redhat.com/errata/RHSA-2016-1855.html

Release Notes x_refsource_confirm

http://weblog.rubyonrails.org/2016/8/11/Rails-5-0-0-1-4-2-7-2-and-3-2-22-3-have-been-released/

Mailing List mailing-list x_refsource_mlist

https://groups.google.com/forum/#%21topic/ruby-security-ann/WccgKSKiPZA

Scores

CVSS v3 7.5

EPSS 0.0038

EPSS Percentile 60.0%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Details

CWE

CWE-284 CWE-476

Status published

Products (11)

rubygems/activerecord 4.2.0 - 4.2.7.1RubyGems

rubyonrails/rails 4.2.0 (8 CPE variants)

rubyonrails/rails 4.2.1 (5 CPE variants)

rubyonrails/rails 4.2.2

rubyonrails/rails 4.2.3 (2 CPE variants)

rubyonrails/rails 4.2.4 (2 CPE variants)

rubyonrails/rails 4.2.5 (3 CPE variants)

rubyonrails/rails 4.2.5.1

rubyonrails/rails 4.2.5.2

rubyonrails/rails 4.2.6 (2 CPE variants)

... and 1 more

Published Sep 07, 2016

Tracked Since Feb 18, 2026