Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2024-2053
HistoryMar 21, 2024 - 2:52 a.m.

CVE-2024-2053

2024-03-2102:52:27
CWE-23
[email protected]
web.nvd.nist.gov
33
cve
2024
2053
artica proxy
php
code execution
web application
security vulnerability
nvd

7.9 High

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

8.7%

JSON

The Artica Proxy administrative web application will deserialize arbitrary PHP objects supplied by unauthenticated users and subsequently enable code execution as the β€œwww-data” user. This issue was demonstrated on version 4.50 of theΒ The Artica-Proxy administrative web application attempts to prevent local file inclusion. These protections can be bypassed and arbitrary file requests supplied by unauthenticated users will be returned according to the privileges of the β€œwww-data” user.

Related

prion 1
packetstorm 1
zdt 1
korelogic 1
cvelist 1
prion
prion
Design/Logic Flaw
2024-03-14 22:47:31
packetstorm
packetstorm
Artica Proxy 4.40 / 4.50 Local File Inclusion / Traversal
2024-03-06 00:00:00
zdt
zdt
Artica Proxy 4.40 / 4.50 Local File Inclusion / Traversal Vulnerability
2024-03-06 00:00:00
korelogic
korelogic
Artica Proxy Unauthenticated LFI Protection Bypass Vulnerability
2024-03-05 00:00:00
cvelist
cvelist
CVE-2024-2053 Artica Proxy Unauthenticated LFI Protection Bypass Vulnerability
2024-03-05 18:56:10

7.9 High

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

8.7%

JSON
Related for CVE-2024-2053
prion1packetstorm1zdt1korelogic1cvelist1