3 matches found
CVE-2020-17506
CVE-2020-17506 affects Artica Web Proxy 4.30.00000000. The vulnerability is an SQL injection in the apikey parameter of fw.login.php that allows remote attackers to bypass privilege detection and gain web backend administrator privileges. Documents indicate this can lead to authentication bypass ...
CVE-2020-17505
Artica Web Proxy 4.30.000000 is affected by CVE-2020-17505. AnAuthenticated attacker can inject commands via the service-cmds parameter in cyrus.php, with the injected commands executed as root through service_cmds_peform, yielding remote code execution. The issue is documented across multiple so...
CVE-2021-40680
CVE-2021-40680 describes a Directory Traversal vulnerability in Artica Proxy and its VMware Appliance. The vulnerability arises from lack of input filtering on the filename parameter to /cgi-bin/main.cgi, allowing potentially unauthorized access to files. Affected products are Artica Proxy (versi...