#VU58364 Buffer overflow in cgi - CVE-2021-41816

Cybersecurity Help s.r.o.

Published: 2021-11-25

Vulnerability identifier: #VU58364

Vulnerability risk: High

CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2021-41816

CWE-ID: CWE-119

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
cgi
Web applications / Modules and components for CMS

Vendor: Ruby

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in CGI.escape_html. A remote attacker can trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

cgi: 0.1.0 - 0.3.0

External links
https://www.ruby-lang.org/en/news/2021/11/24/buffer-overrun-in-cgi-escape_html-cve-2021-41816/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Gentoo update for Ruby

Multiple vulnerabilities in IBM Netcool Operations Insight

Red Hat Software Collections update for rh-ruby30-ruby

Red Hat Software Collections update for rh-ruby27-ruby

Fedora 34 update for ruby

Fedora 35 update for ruby

Debian update for ruby2.7

Multiple vulnerabilities in cflinuxfs3

Ubuntu update for ruby2.3

Multiple vulnerabilities in Ruby cgi gem