3 matches found
Artica Proxy 4.40 / 4.50 Authentication Bypass / Privilege Escalation
KL-001-2024-003: Artica Proxy Unauthenticated File Manager Vulnerability Title: Artica Proxy Unauthenticated File Manager Vulnerability Advisory ID: KL-001-2024-003 Publication Date: 2024.03.05 Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2024-003.txt 1. Vulnerability Detail...
Artica Proxy 4.40 / 4.50 Authentication Bypass / Privilege Escalation Vulnerability
The Rich Filemanager feature of Artica Proxy versions 4.40 and 4.50 provides a web-based interface for file management capabilities. When the feature is enabled, it does not require authentication by default, and runs as the root user. This provides an unauthenticated attacker complete access to...
CVE-2024-2055
The Artica Proxy vulnerability CVE-2024-2055 involves the Rich Filemanager feature. When enabled, it does not require authentication and runs as root, exposing an unauthenticated web interface on port 5000/tcp. An attacker can gain complete filesystem access and could modify critical files (e.g.,...