CRITICAL🇵🇱 Wersja polska

CVE-2024-2055

CVSS 9.8v3.1pub. 2024-03-05upd. 2026-01-12

The "Rich Filemanager" feature of Artica Proxy provides a web-based interface for file management capabilities. When the feature is enabled, it does not require authentication by default, and runs as the root user.

🤖 AI Analysis
How it works

When the "Rich Filemanager" function is enabled, the web interface for file management is accessible to anyone without authentication (CWE-288 — missing authentication mechanism). Additionally, the process runs in the context of the root account, and system files are accessible through it without any permission restrictions (CWE-552 — unprotected file access). A remote attacker, without any credentials, can read, modify, and delete any files on the server.

Impact

An unauthenticated remote attacker gains full access to the file system with root privileges, enabling sensitive data theft, configuration modification, malicious code upload, and complete server compromise.

Mitigation & patch

Disable the "Rich Filemanager" function if not required and apply patches available from the vendor according to the references. It is also recommended to restrict access to the Artica Proxy management interface via firewall to trusted IP addresses only.

Who is affected

Artica Proxy (Articatech) with the "Rich Filemanager" function enabled — specific versions indicated in the vendor's references and in KoreLogic's KL-001-2024-003 advisory

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Articatech Artica Proxy

    APP
    Articatech
    4.40.0000004.50.000000
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2024-2054CRITICAL9.8PL ✓ten sam produkt

RCE przez deserializację PHP w Artica Proxy — nieuwierzytelniony dostęp

CVE-2024-2056CRITICAL9.8PL ✓ten sam produkt

Artica Proxy: dostęp do usług loopback przez serwis proxy (tailon RCE)

CVE-2021-41739CRITICAL9.8ten sam produkt

A OS Command Injection vulnerability was discovered in Artica Proxy 4.30.000000. Attackers can execute OS comm...

CVE-2020-13159CRITICAL9.8ten sam produkt

Artica Proxy before 4.30.000000 Community Edition allows OS command injection via the Netbios name, Server dom...

CVE-2017-17055CRITICAL9.0ten sam produkt

Artica Web Proxy before 3.06.112911 allows remote attackers to execute arbitrary code as root by conducting a ...