.. / CVE-2020-17506

Exploit for Artica Web Proxy 4.30 - Authentication Bypass/SQL Injection (CVE-2020-17506)

Description:

Artica Web Proxy 4.30.00000000 allows remote attacker to bypass privilege detection and gain web backend administrator privileges through SQL injection of the apikey parameter in fw.login.php.

Nuclei Template

View the template here CVE-2020-17506.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2020/CVE-2020-17506.yaml

References:

https://nvd.nist.gov/vuln/detail/CVE-2020-17506
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17506
http://packetstormsecurity.com/files/158868/Artica-Proxy-4.3.0-Authentication-Bypass.html
https://blog.max0x4141.com/post/artica_proxy/
https://github.com/hangmansROP/proof-of-concepts
https://github.com/merlinepedra/nuclei-templates

.. / CVE-2020-17506 if(localStorage["style"]=="true"){ document.getElementById('pagestyle').setAttribute('href','/assets/styleDark.css'); document.querySelector('input[type="checkbox"]').checked = true }

Exploit for Artica Web Proxy 4.30 - Authentication Bypass/SQL Injection (CVE-2020-17506)

Description:

Nuclei Template

Validate with Nuclei

.. / CVE-2020-17506