Strix
26.1K

CVE-2019-7300

UnknownEPSS 2.77%

Last modified

CVE-2019-7300 is a vulnerability of currently unknown severity. Artica Proxy 3.06.200056 allows remote attackers to execute arbitrary commands as root by reading the ressources/settings.inc ldap_admin and ldap_password fields, using these credentials at logon.php, and then entering the commands in the admin.index.php command-line field.. EPSS estimates a 2.77% chance of exploitation in the next 30 days.

Description

Artica Proxy 3.06.200056 allows remote attackers to execute arbitrary commands as root by reading the ressources/settings.inc ldap_admin and ldap_password fields, using these credentials at logon.php, and then entering the commands in the admin.index.php command-line field.

Metrics

EPSS Probability
2.77%

84.5th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
ArticatechArtica Proxy3.06.200056

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2019-7300?
Artica Proxy 3.06.200056 allows remote attackers to execute arbitrary commands as root by reading the ressources/settings.inc ldap_admin and ldap_password fields, using these credentials at logon.php, and then entering the commands in the admin.index.php command-line field.
How severe is CVE-2019-7300?
Severity scoring for CVE-2019-7300 is pending analysis. The EPSS model estimates a 2.77% probability of exploitation in the next 30 days.
How do I fix CVE-2019-7300?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2019-7300?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST