Published: 07/12/2017 Updated: 21/12/2017

CVSS v2 Base Score: 8.5 | Impact Score: 10 | Exploitability Score: 6.8

CVSS v3 Base Score: 9 | Impact Score: 6 | Exploitability Score: 2.3

VMScore: 855

Vector: AV:N/AC:M/Au:S/C:C/I:C/A:C

Artica Web Proxy prior to 3.06.112911 allows remote malicious users to execute arbitrary code as root by conducting a cross-site scripting (XSS) attack involving the username-form-id parameter to freeradius.users.php.

Vulnerable Product	Search on Vulmon	Subscribe to Product
articatech artica proxy

[+] Credits: John Page (aka Hyp3rlinX) [+] Website: hyp3rlinxaltervistaorg [+] Source: hyp3rlinxaltervistaorg/advisories/ARTICA-WEB-PROXY-v306-REMOTE-CODE-EXECUTION-CVE-2017-17055txt [+] ISR: ApparitionSec Vendor: ======= wwwarticatechcom Product: ========= Artica Web Proxy v306112216 Artica Tech offers a ...

Artica Web Proxy version 306112216 suffers from a remote code execution vulnerability ...

CWE-78 https://www.exploit-db.com/exploits/43206/http://seclists.org/fulldisclosure/2017/Dec/3 http://packetstormsecurity.com/files/145183/Artica-Web-Proxy-3.06.112216-Remote-Code-Execution.html http://hyp3rlinx.altervista.org/advisories/ARTICA-WEB-PROXY-v3.06-REMOTE-CODE-EXECUTION-CVE-2017-17055.txt https://nvd.nist.gov https://www.exploit-db.com/exploits/43206/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2017-17055

Vulnerability Summary

Vulnerability Trend

Exploits

References

Vulmon Search

About

Products

Connect