The vulnerability in rbot 0.9.14 allows unauthorized access due to insufficient input sanitization, enabling attackers to gain administrative rights and execute Ruby code remotely. The provided example demonstrates a command injection via a crafted IRC message.
Classification: Writeup 80%
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: rbot 0.9.14
No auth needed
Prerequisites: Access to the IRC channel where rbot is active