exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 4 of 4 RSS Feed

Files from Jaggar Henry

First Active2024-03-06
Last Active2024-03-27
Artica Proxy Unauthenticated PHP Deserialization
Posted Mar 27, 2024
Authored by h00die-gr3y, Jaggar Henry | Site metasploit.com

A command injection vulnerability in Artica Proxy appliance versions 4.50 and 4.40 allows remote attackers to run arbitrary commands via an unauthenticated HTTP request. The Artica Proxy administrative web application will deserialize arbitrary PHP objects supplied by unauthenticated users and subsequently enable code execution as the www-data user.

tags | exploit, remote, web, arbitrary, php, code execution
advisories | CVE-2024-2054
SHA-256 | 769d2d7e8f18e8bd0ce142472f159825e87239bfc4426229f241a00de99425a0
Artica Proxy 4.50 Loopback Service Disclosure
Posted Mar 6, 2024
Authored by Jim Becher, Jaggar Henry | Site korelogic.com

Services that are running and bound to the loopback interface on the Artica Proxy version 4.50 are accessible through the proxy service. In particular, the tailon service is running as the root user, is bound to the loopback interface, and is listening on TCP port 7050. Using the tailon service, the contents of any file on the Artica Proxy can be viewed.

tags | exploit, root, tcp
advisories | CVE-2024-2056
SHA-256 | 0693c2ce363baaef7b371443418fb29623edc052f8d82f02eea207672f271e4b
Artica Proxy 4.50 Unauthenticated PHP Deserialization
Posted Mar 6, 2024
Authored by Jaggar Henry | Site korelogic.com

The Artica Proxy administrative web application will deserialize arbitrary PHP objects supplied by unauthenticated users and subsequently enable code execution as the www-data user. Version 4.50 is affected.

tags | exploit, web, arbitrary, php, code execution
advisories | CVE-2024-2054
SHA-256 | 8e2ee354af5fde39323dcb9b78bd8d0b892172400746b1b66015b3a87cbd8630
Artica Proxy 4.40 / 4.50 Local File Inclusion / Traversal
Posted Mar 6, 2024
Authored by Jaggar Henry | Site korelogic.com

Artica Proxy versions 4.40 and 4.50 suffer from a local file inclusion protection bypass vulnerability that allows for path traversal.

tags | exploit, local, bypass, file inclusion
advisories | CVE-2024-2053
SHA-256 | ee5d3d2cce629647f1cc48769c74910aca7883ad99b79b7b1c766a0e28a65ddf
Page 1 of 1
Back1Next

File Archive:

April 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    10 Files
  • 2
    Apr 2nd
    26 Files
  • 3
    Apr 3rd
    40 Files
  • 4
    Apr 4th
    6 Files
  • 5
    Apr 5th
    26 Files
  • 6
    Apr 6th
    0 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    22 Files
  • 9
    Apr 9th
    14 Files
  • 10
    Apr 10th
    10 Files
  • 11
    Apr 11th
    13 Files
  • 12
    Apr 12th
    14 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    30 Files
  • 16
    Apr 16th
    10 Files
  • 17
    Apr 17th
    22 Files
  • 18
    Apr 18th
    45 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close