CVE-2019-5420
CRITICAL9.8EPSS 93.7%Use of Insufficiently Random Values in Railties Allows Remote Code Execution
Published: 3/13/2019Modified: 4/28/2026
Description
A remote code execution vulnerability in development mode Rails <5.2.2.1, <6.0.0.beta3 can allow an attacker to guess the automatically generated development mode secret token. This secret token can be used in combination with other Rails internals to escalate to a remote code execution exploit.
Affected packages (2)
- Debian/railsfrom 0, < 2:5.2.2.1+dfsg-1
- RubyGems/railties>= 5.2.0, < 5.2.2.1
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | CRITICAL9.8 | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
References (8)
- ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2019-5420
- ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2019-5420
- WEBhttp://packetstormsecurity.com/files/152704/Ruby-On-Rails-DoubleTap-Development-Mode-secret_key_base-Remote-Code-Execution.html
- WEBhttps://github.com/rubysec/ruby-advisory-db/blob/master/gems/railties/CVE-2019-5420.yml
- WEBhttps://groups.google.com/forum/#!topic/rubyonrails-security/IsQKvDqZdKw
- WEBhttps://lists.fedoraproject.org/archives/list/[email protected]/message/Y43636TH4D6T46IC6N2RQVJTRFJAAYGA
- WEBhttps://weblog.rubyonrails.org/2019/3/13/Rails-4-2-5-1-5-1-6-2-have-been-released
- WEBhttps://www.exploit-db.com/exploits/46785