CVE-2019-7300
N/A
N/A
Summary
Artica Proxy 3.06.200056 allows remote attackers to execute arbitrary commands as root by reading the ressources/settings.inc ldap_admin and ldap_password fields, using these credentials at logon.php, and then entering the commands in the admin.index.php command-line field.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://code610.blogspot.com/2019/01/rce-in-artica.html
- https://github.com/c610/tmp/blob/master/aRtiCE.py
References
- https://code610.blogspot.com/2019/01/rce-in-artica.html
- https://github.com/c610/tmp/blob/master/aRtiCE.py
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.