CVE-2020-17506

Severity CVSS v4.0:
Pending analysis
Type:
CWE-89 SQL Injection
Publication date:
12/08/2020
Last modified:
21/11/2022

Description

Artica Web Proxy 4.30.00000000 allows remote attacker to bypass privilege detection and gain web backend administrator privileges through SQL injection of the apikey parameter in fw.login.php.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:articatech:web_proxy:4.30.000000:*:*:*:*:*:*:*