Vulnerability feed

Vulnerability

CVE-2020-17505

Reference to the description:: https://nvd.nist.gov/vuln/detail/CVE-2020-17505
Description:: Artica Web Proxy 4.30.000000 allows an authenticated remote attacker to inject commands via the service-cmds parameter in cyrus.php. These commands are executed with root privileges via service_cmds_peform.
Last updated date:: 01/24/2023

Type:: exploit
Confidence:: HIGH
Date of publishing:: 09/22/2020
Reference url to background: https://blog.max0x4141.com/post/artica_proxy/

Type:: exploit
Confidence:: HIGH
Date of publishing:: 08/27/2021
Reference url to background: https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/artica_proxy_auth_bypass_service_cmds_peform_command_injection.rb

Type:: exploit
Confidence:: HIGH
Date of publishing:: 01/24/2023
Reference url to background: http://packetstormsecurity.com/files/159267/Artica-Proxy-4.30.000000-Authentication-Bypass-Command-Injection.html

Vulnerability Feed Contributors About Blog

@inTheWild

©2024 |