Fluid Attacks Database

Description

Spree has Remote Command Execution vulnerability in search functionality Spreecommerce versions prior to 0.60.2 contains a remote command execution vulnerability in its search functionality. The application fails to properly sanitize input passed via the search[send][] parameter, which is dynamically invoked using Ruby’s send method. This allows attackers to execute arbitrary shell commands on the server without authentication.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
rubygems	spree	>=0 <0.60.2	0.60.2

Aliases

1. CVE-2011-100192. NVD-2011-100193. OSV-2011-100194. GCVE-2011-10019

References

1. https://github.com/orgs/spree2. https://github.com/rubysec/ruby-advisory-db/blob/master/gems/spree/CVE-2011-10019.yml3. https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/multi/http/spree_search_exec.rb4. https://web.archive.org/web/20111009192436/http://spreecommerce.com/blog/2011/10/05/remote-command-product-group5. https://www.exploit-db.com/exploits/179416. https://www.vulncheck.com/advisories/spreecommerce-search-parameter-rce7. https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/spree_search_exec.rb

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.