CVE-2024-2053
Published: 21 March 2024
Summary
CVE-2024-2053 is a high-severity Relative Path Traversal (CWE-23) vulnerability in Articatech Artica Proxy. Its CVSS base score is 7.5 (High).
Operationally, ranked in the top 2.8% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
Deeper analysis
The vulnerability CVE-2024-2053 affects the Artica Proxy administrative web application, specifically version 4.50. It stems from the application's deserialization of arbitrary PHP objects supplied by unauthenticated users, which leads to code execution as the www-data user. The component also attempts to block local file inclusion, but these controls can be bypassed to permit arbitrary file requests returned under www-data privileges. The issue carries a CVSS 3.1 score of 7.5 reflecting network attack vector, low complexity, no required privileges or user interaction, and high confidentiality impact.
Unauthenticated remote attackers can supply malicious serialized objects or file paths directly to the administrative web interface. Successful exploitation grants the ability to execute code or read arbitrary files on the server with the privileges of the www-data account, enabling disclosure of sensitive configuration or data without authentication.
Public advisories published via KoreLogic and Seclists in March 2024 document the deserialization and path traversal flaws but do not detail available patches or configuration workarounds in the referenced materials.
The EPSS probability rose to a peak of 0.4086 before settling at the current value of 0.3654, indicating that exploitation interest increased after public disclosure.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-27018
Vulnerability details
The Artica Proxy administrative web application will deserialize arbitrary PHP objects supplied by unauthenticated users and subsequently enable code execution as the "www-data" user. This issue was demonstrated on version 4.50 of the The Artica-Proxy administrative web application attempts to…
more
prevent local file inclusion. These protections can be bypassed and arbitrary file requests supplied by unauthenticated users will be returned according to the privileges of the "www-data" user.
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.