Vendor: Rbot
By:
CVSS: 7.5 (HIGH)
Unauthorized Access
CWE: 287
Product Name: Rbot
Affected Version From: 2000.9.14
Affected Version To:
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested:

Rbot Unauthorized Access Vulnerability

The Rbot application fails to sanitize user-supplied data, allowing an attacker to gain administrative rights and execute Ruby code within the context of the application.

Mitigation:

Apply the latest patch or update to a non-vulnerable version of the Rbot application.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/39915/info

Rbot is prone to an unauthorized-access vulnerability because it fails to adequately sanitize user-supplied data.

An attacker can exploit this vulnerability to gain administrative rights to the rbot application. This will allow a remote attacker to execute Ruby code within the context of the affected application; other attacks may be possible.

rbot 0.9.14 is vulnerable; other versions may also be affected. 

<attacker> !react to /attacker:.*/ with cmd:whoami