Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2020-17506 PoC — ArticaTech Artica Web Proxy SQL注入漏洞

Source
https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2020/CVE-2020-17506.yaml
Associated Vulnerability
Title:ArticaTech Artica Web Proxy SQL注入漏洞 (CVE-2020-17506)
Description:ArticaTech Artica Proxy是法国ArticaTech公司的一款开源的Artica代理解决方案。 Artica Web Proxy 4.30.00000000版本中的fw.login.php文件的‘apikey’参数存在SQL注入漏洞。远程攻击者可利用该漏洞绕过特权检测并获得Web后端管理员特权。
Description
Artica Web Proxy 4.30.00000000 allows remote attacker to bypass privilege detection and gain web backend administrator privileges through SQL injection of the apikey parameter in fw.login.php.
File Snapshot

 id: CVE-2020-17506

info:
  name: Artica Web Proxy 4.30 - Authentication Bypass/SQL Injection
  auth

...
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.