E20-9xpe3
CVSS:
7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
False Positive:
t
Variants:
1
Year:
2020
Description
This strike exploits an SQL injection vulnerability in Artica Web Proxy. This vulnerability is due to improper validation of the apikey parameter of the fw.login.php page. An attacker can send a crafted HTTP request with SQL commands in the vulnerable parameter allowing remote code execution to occur.