HTTP: Artica Proxy fw.login.php apikey SQL Injection

This signature detects attempts to exploit a known vulnerability against Artica Proxy. A successful attack can lead to command injection and arbitrary code execution.

Extended Description

Artica Web Proxy 4.30.00000000 allows remote attacker to bypass privilege detection and gain web backend administrator privileges through SQL injection of the apikey parameter in fw.login.php.

Affected Products

Articatech web_proxy

References

CVE: CVE-2020-17506

Short Name
HTTP:SQL:ARTICA-PROXY-SQLINJ
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
Artica CVE-2020-17506 Injection Proxy SQL apikey fw.login.php
Release Date
11/02/2020
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3337
False Positive
Unknown
Vendors

Articatech

CVSS Score

7.5

Found a potential security threat?