CVE-2024-2054

Name of the Vulnerable Software and Affected Versions Artica-Proxy (affected versions not specified)

Description The Artica-Proxy administrative web application will deserialize arbitrary PHP objects supplied by unauthenticated users and subsequently enable code execution as the "www-data" user. A researcher has uncovered a severe flaw in the popular Artica Proxy appliance, leaving over 100,000 installations globally at risk. The bug could allow unauthenticated attackers to execute malicious code on affected servers.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.