all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Artica Proxy Unauthenticated PHP Deserialization

Add to bookmarks
March 27, 2024, 2:48 p.m. |

Packet Storm packetstormsecurity.com

A command injection vulnerability in Artica Proxy appliance versions 4.50 and 4.40 allows remote attackers to run arbitrary commands via an unauthenticated HTTP request. The Artica Proxy administrative web application will deserialize arbitrary PHP objects supplied by unauthenticated users and subsequently enable code execution as the www-data user.

application attackers code code execution command command injection data deserialization enable http injection php proxy request run unauthenticated vulnerability web web application

Visit resource

More from packetstormsecurity.com / Packet Storm

The Not-So-Silent Type 19 hours ago | packetstormsecurity.com
apps called keyboard keystrokes +6
Ubuntu Security Notice USN-6754-1 19 hours ago | packetstormsecurity.com
attacker denial of service http implementation +11
Ubuntu Security Notice USN-6753-1 19 hours ago | packetstormsecurity.com
attacker configuration cryptographic default +14
Debian Security Advisory 5674-1 19 hours ago | packetstormsecurity.com
advisory debian debian linux security denial of service +9
Ubuntu Security Notice USN-6751-1 19 hours ago | packetstormsecurity.com
attacker attacks cross-site data +11
Ubuntu Security Notice USN-6752-1 19 hours ago | packetstormsecurity.com
attacker crash denial of service issue +10
Red Hat Security Advisory 2024-2066-03 19 hours ago | packetstormsecurity.com
advisory enterprise linux red hat +5
Red Hat Security Advisory 2024-2064-03 19 hours ago | packetstormsecurity.com
advisory enterprise linux red hat +5
Red Hat Security Advisory 2024-2063-03 19 hours ago | packetstormsecurity.com
advisory buffer buffer overflow enterprise +13

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Director, Cybersecurity - Governance, Risk and Compliance (GRC)

@ Stanley Black & Decker | New Britain CT USA - 1000 Stanley Dr
View on infosec-jobs.com

Information Security Risk Metrics Lead

@ Live Nation Entertainment | Work At Home-Connecticut
View on infosec-jobs.com

IT Product Owner - Enterprise DevSec Platform (d/f/m)

@ Airbus | Hamburg - Finkenwerder
View on infosec-jobs.com

Senior Information Security Specialist

@ Arthur Grand Technologies Inc | Arlington, VA, United States
View on infosec-jobs.com

Information Security Controls SME

@ Sword | Aberdeen, Scotland, United Kingdom
View on infosec-jobs.com
View more jobs