What is CVE-2024-2054?

CVE-2024-2054 is a vulnerability in Artica Tech Proxy, classified under Deserialization of Untrusted Data. Published 2024-03-05.

Is CVE-2024-2054 known to be exploited?

4 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Deserialization in Artica Tech Proxy

CVE-2024-2054

The Artica-Proxy administrative web application will deserialize arbitrary PHP objects supplied by unauthenticated users and subsequently enable code execution as the "www-data" user.

Vulnerability class: Insecure Deserialization

EPSS: 0.878 (99.5th percentile) — read the EPSS interpretation.

Affected products

Artica Tech Proxy — versions 4.50

Weakness classification (CWE)

CWE-502 — Deserialization of Untrusted Data

Public proof-of-concept exploits

Madan301/CVE-2024-2054
rapid7/metasploit-framework
nomi-sec/PoC-in-GitHub
tanjiti/sec_

References

korelogic.com/Resources/Advisories/KL-001-2024-002.txt (third-party-advisory)
seclists.org/fulldisclosure/2024/Mar/12

Frequently asked questions

What is CVE-2024-2054?: CVE-2024-2054 is a vulnerability in Artica Tech Proxy, classified under Deserialization of Untrusted Data. Published 2024-03-05.
Is CVE-2024-2054 known to be exploited?: 4 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.