Vulnerabilities (CVE)

Filtered by vendor Articatech Subscribe

Filtered by product Artica Proxy

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 4 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2019-7300	1 Articatech	1 Artica Proxy	2020-08-24	9.0 HIGH	7.2 HIGH
Artica Proxy 3.06.200056 allows remote attackers to execute arbitrary commands as root by reading the ressources/settings.inc ldap_admin and ldap_password fields, using these credentials at logon.php, and then entering the commands in the admin.index.php command-line field.
CVE-2020-15052	1 Articatech	1 Artica Proxy	2020-07-22	5.0 MEDIUM	7.5 HIGH
An issue was discovered in Artica Proxy CE before 4.28.030.418. SQL Injection exists via the Netmask, Hostname, and Alias fields.
CVE-2020-13158	1 Articatech	1 Artica Proxy	2020-07-01	5.0 MEDIUM	7.5 HIGH
Artica Proxy before 4.30.000000 Community Edition allows Directory Traversal via the fw.progrss.details.php popup parameter.
CVE-2020-10818	1 Articatech	1 Artica Proxy	2020-03-25	6.5 MEDIUM	7.2 HIGH
Artica Proxy 4.26 allows remote command execution for an authenticated user via shell metacharacters in the "Modify the hostname" field.