all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Artica Proxy Unauthenticated PHP Deserialization

Add to bookmarks
March 27, 2024, 2:48 p.m. |

Packet Storm packetstormsecurity.com

A command injection vulnerability in Artica Proxy appliance versions 4.50 and 4.40 allows remote attackers to run arbitrary commands via an unauthenticated HTTP request. The Artica Proxy administrative web application will deserialize arbitrary PHP objects supplied by unauthenticated users and subsequently enable code execution as the www-data user.

application attackers code code execution command command injection data deserialization enable http injection php proxy request run unauthenticated vulnerability web web application

Visit resource

More from packetstormsecurity.com / Packet Storm

TOR Virtual Network Tunneling Tool 0.4.8.12 2 days, 12 hours ago | packetstormsecurity.com
a network applications communication developers +21
jSQL Injection 0.98 2 days, 12 hours ago | packetstormsecurity.com
application box code database +21
Ubuntu Security Notice USN-6815-1 2 days, 12 hours ago | packetstormsecurity.com
application arbitrary code attacker code +13
Red Hat Security Advisory 2024-3708-03 2 days, 12 hours ago | packetstormsecurity.com
advisory apache boot build +15
Online Pizza Ordering System 1.0 SQL Injection 2 days, 12 hours ago | packetstormsecurity.com
injection pizza sql sql injection +5
Apache HugeGraph Remote Command Execution 2 days, 12 hours ago | packetstormsecurity.com
1.0.0 1.3.0 apache command +5
FBI Says It Has 7,000 LockBit Ransomware Decryption Keys 2 days, 12 hours ago | packetstormsecurity.com
cryptography data loss decryption decryption keys +8
Russian Hacktivists Vow Mass Attacks Against EU Elections 2 days, 12 hours ago | packetstormsecurity.com
attacks cyberwar elections hacker +3
Spam Blocklist SORBS Closed By Its Owner, Proofpoint 2 days, 12 hours ago | packetstormsecurity.com
blocklist email proofpoint spam

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland
View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City
View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL
View on infosec-jobs.com

Senior Security Researcher - Linux MacOS EDR (Cortex)

@ Palo Alto Networks | Tel Aviv-Yafo, Israel
View on infosec-jobs.com

Sr. Manager, NetSec GTM Programs

@ Palo Alto Networks | Santa Clara, CA, United States
View on infosec-jobs.com

SOC Analyst I

@ Fortress Security Risk Management | Cleveland, OH, United States
View on infosec-jobs.com