#VU36177 Command Injection in Artica Proxy - CVE-2019-7300

Cybersecurity Help s.r.o.

Published: 2019-02-01 | Updated: 2020-08-08

Vulnerability identifier: #VU36177

Vulnerability risk: Medium

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2019-7300

CWE-ID: CWE-77

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Artica Proxy
Server applications / IDS/IPS systems, Firewalls and proxy servers

Vendor: Artica Proxy

Description

The vulnerability allows a remote privileged user to execute arbitrary code.

Artica Proxy 3.06.200056 allows remote attackers to execute arbitrary commands as root by reading the ressources/settings.inc ldap_admin and ldap_password fields, using these credentials at logon.php, and then entering the commands in the admin.index.php command-line field.

Mitigation
Install update from vendor's website.

Vulnerable software versions

Artica Proxy: 3.06.200056

External links
https://code610.blogspot.com/2019/01/rce-in-artica.html
https://github.com/c610/tmp/blob/master/aRtiCE.py

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Command Injection in Artica Proxy