CVE-2020-13158

HIGH EXPLOITED NUCLEI

Artica Proxy <4.30.000000 - Path Traversal

Title source: llm
STIX 2.1

Exploitation Summary

CVE-2020-13158 has been observed exploited in the wild (reported by VulnCheck KEV). EIP tracks 1 public exploit from researchers including InfoSec4Fun. A Nuclei detection template is also available.

AI-analyzed exploit summary This repository contains a writeup describing a directory traversal vulnerability (CVE-2020-13158) in Artica Proxy Community Edition before 4.30.000000. The vulnerability allows remote attackers to read arbitrary files via the 'popup' parameter in fw.progrss.details.php.

Description

Artica Proxy before 4.30.000000 Community Edition allows Directory Traversal via the fw.progrss.details.php popup parameter.

Exploits (1)

nomisec WRITEUP 1 stars
by InfoSec4Fun · poc
https://github.com/InfoSec4Fun/CVE-2020-13158

This repository contains a writeup describing a directory traversal vulnerability (CVE-2020-13158) in Artica Proxy Community Edition before 4.30.000000. The vulnerability allows remote attackers to read arbitrary files via the 'popup' parameter in fw.progrss.details.php.

Classification
Writeup 90%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target: Artica Proxy Community Edition < 4.30.000000
No auth needed
Prerequisites: Network access to the Artica Proxy web interface
devstral-2 · analyzed Feb 16, 2026 Full analysis →

Nuclei Templates (1)

Artica Proxy Community Edition <4.30.000000 - Local File Inclusion
HIGHby 0x_Akoko
Shodan: http.html:"artica"
FOFA: body="artica"

References (1)

Core 1
Core References
Exploit, Third Party Advisory x_refsource_misc
https://github.com/InfoSec4Fun/CVE-2020-13158

Scores

CVSS v3 7.5
EPSS 0.5352
EPSS Percentile 98.9%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

VulnCheck KEV 2024-01-02
CWE
CWE-22
Status published
Products (1)
articatech/artica_proxy < 4.30.000000
Published Jun 22, 2020
Tracked Since Feb 18, 2026