Artica Proxy 4.50 - Remote Code Execution (RCE)

Exploit Title: Artica Proxy 4.50 - Remote Code Execution RCE Date: 23-04-2024 Exploit Author: Madan Vendor Homepage: https://artica-proxy.com/ Version: 4.40, 4.50 Tested on: relevant os CVE : CVE-2024-2054 you can also find the exploit on my github repo: https://github.com/Madan301/CVE-2024-2054...

📄 Artica Proxy 4.50 Remote Code Execution

Artica Proxy version 4.50 suffers from a remote code execution vulnerability due to insecure deserialization. Exploit Title: CVE-2024-2054 Artica-Proxy administrative web application insecure deserialization RCE Google Dork: Date: 23-04-2024 Exploit Author: Madan Vendor Homepage:...

Artica Proxy Unauthenticated PHP Deserialization

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Artica Proxy Unauthenticated PHP Deserialization Vulnerability', 'Description' = %q A Command Injection vulnerability in Artica Proxy appliance...

Artica Proxy Unauthenticated PHP Deserialization Exploit

A command injection vulnerability in Artica Proxy appliance versions 4.50 and 4.40 allows remote attackers to run arbitrary commands via an unauthenticated HTTP request. The Artica Proxy administrative web application will deserialize arbitrary PHP objects supplied by unauthenticated users and...

Artica Proxy Unauthenticated PHP Deserialization Vulnerability

A Command Injection vulnerability in Artica Proxy appliance version 4.50 and 4.40 allows remote attackers to run arbitrary commands via unauthenticated HTTP request. The Artica Proxy administrative web application will deserialize arbitrary PHP objects supplied by unauthenticated users and...

CVE-2024-2054

The Artica-Proxy administrative web application will deserialize arbitrary PHP objects supplied by unauthenticated users and subsequently enable code execution as the "www-data" user...

Artica Proxy 4.50 Unauthenticated PHP Deserialization Vulnerability

The Artica Proxy administrative web application will deserialize arbitrary PHP objects supplied by unauthenticated users and subsequently enable code execution as the www-data user. Version 4.50 is affected. Title: Artica Proxy Unauthenticated PHP Deserialization Vulnerability Advisory ID:...

Artica Proxy 4.50 Unauthenticated PHP Deserialization

KL-001-2024-002: Artica Proxy Unauthenticated PHP Deserialization Vulnerability Title: Artica Proxy Unauthenticated PHP Deserialization Vulnerability Advisory ID: KL-001-2024-002 Publication Date: 2024.03.05 Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2024-002.txt 1...

CVE-2024-2054 Artica Proxy Unauthenticated PHP Deserialization Vulnerability

The Artica-Proxy administrative web application will deserialize arbitrary PHP objects supplied by unauthenticated users and subsequently enable code execution as the "www-data" user...

CVE-2024-2054

CVE-2024-2054 affects Artica Proxy (administrative web app). Multiple connected sources confirm an unauthenticated PHP object deserialization flaw that enables remote code execution as the www-data user. Public materials describe exploitable behavior via deserialization in Artica Proxy versions a...

Artica Proxy Unauthenticated PHP Deserialization Vulnerability

Vulnerability Details Affected Vendor: Artica Affected Product: Artica Proxy Affected Version: 4.50 Platform: Debian 10 LTS CWE Classification: CWE-502 Deserialization of Untrusted Data CVE ID: CVE-2024-2054 2. Vulnerability Description The Artica Proxy administrative web application will...

CVE-2024-2054

creationtimestamp| type| source ---|---|--- 2000-12-31 23:00:00+00:00| seen| http://takeonme.org/cve/ 2024-03-25 20:41:44+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/articaproxyunauthrcecve20242054.rb 2025-02-06 03:13:46+00:00| seen|...