55 results (0.004 seconds)

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0

Services that are running and bound to the loopback interface on the Artica Proxy are accessible through the proxy service. In particular, the "tailon" service is running, running as the root user, is bound to the loopback interface, and is listening on TCP port 7050. Security issues associated with exposing this network service are documented at gvalkov's 'tailon' GitHub repo. Using the tailon service, the contents of any file on the Artica Proxy can be viewed. Los servicios que se están ejecutando y vinculados a la interfaz de bucle invertido en Artica Proxy son accesibles a través del servicio de proxy. • http://seclists.org/fulldisclosure/2024/Mar/14 https://github.com/gvalkov/tailon#security https://korelogic.com/Resources/Advisories/KL-001-2024-004.txt • CWE-288: Authentication Bypass Using an Alternate Path or Channel CWE-552: Files or Directories Accessible to External Parties •

CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0

The "Rich Filemanager" feature of Artica Proxy provides a web-based interface for file management capabilities. When the feature is enabled, it does not require authentication by default, and runs as the root user. La función "Rich Filemanager" de Artica Proxy proporciona una interfaz basada en web para capacidades de administración de archivos. Cuando la función está habilitada, no requiere autenticación de forma predeterminada y se ejecuta como usuario raíz. The Rich Filemanager feature of Artica Proxy versions 4.40 and 4.50 provides a web-based interface for file management capabilities. • http://seclists.org/fulldisclosure/2024/Mar/13 https://korelogic.com/Resources/Advisories/KL-001-2024-003.txt • CWE-288: Authentication Bypass Using an Alternate Path or Channel CWE-552: Files or Directories Accessible to External Parties •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1

The Artica-Proxy administrative web application will deserialize arbitrary PHP objects supplied by unauthenticated users and subsequently enable code execution as the "www-data" user. La aplicación web administrativa Artica-Proxy deserializará objetos PHP arbitrarios proporcionados por usuarios no autenticados y posteriormente permitirá la ejecución de código como usuario "www-data". A command injection vulnerability in Artica Proxy appliance versions 4.50 and 4.40 allows remote attackers to run arbitrary commands via an unauthenticated HTTP request. The Artica Proxy administrative web application will deserialize arbitrary PHP objects supplied by unauthenticated users and subsequently enable code execution as the www-data user. • https://github.com/Madan301/CVE-2024-2054 http://seclists.org/fulldisclosure/2024/Mar/12 https://korelogic.com/Resources/Advisories/KL-001-2024-002.txt https://attackerkb.com/topics/q1JUcEJjXZ/cve-2024-2054 • CWE-502: Deserialization of Untrusted Data •

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0

The Artica Proxy administrative web application will deserialize arbitrary PHP objects supplied by unauthenticated users and subsequently enable code execution as the "www-data" user. This issue was demonstrated on version 4.50 of the The Artica-Proxy administrative web application attempts to prevent local file inclusion. These protections can be bypassed and arbitrary file requests supplied by unauthenticated users will be returned according to the privileges of the "www-data" user. La aplicación web administrativa Artica Proxy deserializará objetos PHP arbitrarios proporcionados por usuarios no autenticados y posteriormente permitirá la ejecución de código como usuario "www-data". Este problema se demostró en la versión 4.50 de La aplicación web administrativa Artica-Proxy intenta evitar la inclusión de archivos locales. • http://seclists.org/fulldisclosure/2024/Mar/11 https://korelogic.com/Resources/Advisories/KL-001-2024-001.txt • CWE-23: Relative Path Traversal •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

Unrestricted Upload of File with Dangerous Type vulnerability in Pandora FMS on all allows Accessing Functionality Not Properly Constrained by ACLs. This vulnerability allowed PHP executable files to be uploaded through the file manager. This issue affects Pandora FMS: from 700 through 773. La carga sin restricciones de archivos con vulnerabilidad de tipo peligroso en Pandora FMS permite acceder a funcionalidades no correctamente restringidas por ACL. Esta vulnerabilidad permitía cargar archivos ejecutables PHP a través del administrador de archivos. • https://pandorafms.com/en/security/common-vulnerabilities-and-exposures • CWE-434: Unrestricted Upload of File with Dangerous Type •