Skip to main content

Web Proxy

2 CVEs product

Monthly

CVE-2020-17506 CRITICAL POC THREAT Emergency

Artica Web Proxy 4.30.00000000 allows remote attacker to bypass privilege detection and gain web backend administrator privileges through SQL injection of the apikey parameter in fw.login.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Web Proxy
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
94.0%
CVE-2020-17505 HIGH POC THREAT Act Now

Artica Web Proxy 4.30.000000 allows an authenticated remote attacker to inject commands via the service-cmds parameter in cyrus.php. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection PHP Web Proxy
NVD
CVSS 3.1
8.8
EPSS
82.2%
EPSS 94% CVSS 9.8
CRITICAL POC THREAT Emergency

Artica Web Proxy 4.30.00000000 allows remote attacker to bypass privilege detection and gain web backend administrator privileges through SQL injection of the apikey parameter in fw.login.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Web Proxy
NVD Exploit-DB
EPSS 82% CVSS 8.8
HIGH POC THREAT Act Now

Artica Web Proxy 4.30.000000 allows an authenticated remote attacker to inject commands via the service-cmds parameter in cyrus.php. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection PHP Web Proxy
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy