CVE-2018-3760

HIGH EXPLOITED NUCLEI LAB

Redhat Cloudforms < 2.12.4 - Information Disclosure

Title source: rule

Description

There is an information leak vulnerability in Sprockets. Versions Affected: 4.0.0.beta7 and lower, 3.7.1 and lower, 2.12.4 and lower. Specially crafted requests can be used to access files that exists on the filesystem that is outside an application's root directory, when the Sprockets server is used in production. All users running an affected release should either upgrade or use one of the work arounds immediately.

Exploits (3)

nomisec WORKING POC 8 stars

by mpgn · infoleak

https://github.com/mpgn/CVE-2018-3760

View Code ZIP pw:eip

nomisec WORKING POC 3 stars

by cyberharsh · poc

https://github.com/cyberharsh/Ruby-On-Rails-Path-Traversal-Vulnerability-CVE-2018-3760-

View Code ZIP pw:eip

nomisec WORKING POC

by wudidwo · infoleak

https://github.com/wudidwo/CVE-2018-3760-poc

View Code ZIP pw:eip

Nuclei Templates (1)

Ruby On Rails - Local File Inclusion

HIGHby 0xrudra,pikpikcu

References (7)

[Third Party Advisory] https://access.redhat.com/errata/RHSA-2018:2244

[Third Party Advisory] https://access.redhat.com/errata/RHSA-2018:2245

[Third Party Advisory] https://access.redhat.com/errata/RHSA-2018:2561

[Third Party Advisory] https://access.redhat.com/errata/RHSA-2018:2745

[Broken Link] https://github.com/rails/sprockets/commit/c09131cf5b2c479263939c8582e22b98ed616c5fhttps://github.com/rails/sprockets/commit/9c34fa05900b968d74f08ccf40917848a7be9441https://github.com/rails/sprockets/commit/18b8a7f07a50c245e9aee7854ecdbe606bbd8bb5

[Patch, Third Party Advisory] https://groups.google.com/d/msg/rubyonrails-security/ft_J--l55fM/7roDfQ50BwAJ

[Third Party Advisory] https://www.debian.org/security/2018/dsa-4242

Scores

CVSS v3 7.5

EPSS 0.9383

EPSS Percentile 99.9%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Lab Environment

COMMUNITY

Community Lab

docker pull vulhub/rails:5.0.7

docker pull vaday/rubyrails

https://github.com/mpgn/CVE-2018-3760

https://github.com/cyberharsh/Ruby-On-Rails-Path-Traversal-Vulnerability-CVE-2018-3760-

https://github.com/wudidwo/CVE-2018-3760-poc

View in Library

Details

VulnCheck KEV 2020-12-28

CWE

CWE-22 CWE-200

Status published

Products (13)

debian/debian_linux 9.0

redhat/cloudforms 4.5

redhat/cloudforms 4.6

redhat/enterprise_linux 6.0

redhat/enterprise_linux 6.7

redhat/enterprise_linux 7.0

redhat/enterprise_linux 7.3

redhat/enterprise_linux 7.4

redhat/enterprise_linux 7.5

redhat/enterprise_linux 7.6

... and 3 more

Published Jun 26, 2018

Tracked Since Feb 18, 2026