Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2024-2053 PoC — Artica Proxy 安全漏洞

Source
https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2024/CVE-2024-2053.yaml
Associated Vulnerability
Title:Artica Proxy 安全漏洞 (CVE-2024-2053)
Description:Artica Proxy是西班牙Artica公司的一款开源的Artica代理解决方案。 Artica Proxy 4.40版本和4.50版本存在安全漏洞,该漏洞源于存在本地文件包含漏洞。
Description
The Artica Proxy administrative web application will deserialize arbitrary PHP objects supplied by unauthenticated users and subsequently enable code execution as the "www-data" user. This issue was demonstrated on version 4.50 of the The Artica-Proxy administrative web application attempts to prevent local file inclusion. These protections can be bypassed and arbitrary file requests supplied by unauthenticated users will be returned according to the privileges of the "www-data" user.
File Snapshot

 id: CVE-2024-2053

info:
  name: Artica Proxy  - Unauthenticated LFI
  author: pussycat0x
  severity

...
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.