The Ruby on Ruby on Rails Security group issued a security update on January 8th. Metasploit, a pentesting tool, has already been working on a module for exploitation. The vulnerability has been identified as CVE-2013-0156. PoCs have already been released and a module was created overnight. The VRT has also released two new SIDs to detect the vulnerability in the next round of security updates. They will be released in our next SEU, which is targeted for today.”]
Source: https://blog.talosintelligence.com/2013/01/the-ruby-on-rails-vulnerability-that.html