VYPR

Artica Proxy

by Articatech

CVEs (3)

  • CVE-2017-17055CriDec 7, 2017
    risk 0.62cvss 9.0epss 0.09

    Artica Web Proxy before 3.06.112911 allows remote attackers to execute arbitrary code as root by conducting a cross-site scripting (XSS) attack involving the username-form-id parameter to freeradius.users.php.

  • CVE-2024-2054Mar 5, 2024
    risk 0.10cvss epss 0.81

    The Artica-Proxy administrative web application will deserialize arbitrary PHP objects supplied by unauthenticated users and subsequently enable code execution as the "www-data" user.

  • CVE-2024-2053Mar 5, 2024
    risk 0.03cvss epss 0.45

    The Artica Proxy administrative web application will deserialize arbitrary PHP objects supplied by unauthenticated users and subsequently enable code execution as the "www-data" user. This issue was demonstrated on version 4.50 of the The Artica-Proxy administrative web…