ArcticDesk Local File Inclusion Vulnerability

ArcticDesk Local File Inclusion Vulnerability

ArcticDesk is a lightweight support help desk solution. It lets you manage tickets, emails, announcements, articles, downloads and more, all in one place.

WHMCS Complete Billing and Support

Vulnerability Description:

There is a local file inclusion vulnerability present within ArcticDesk that would allow a malicious user to open files which could yield sensitive information. Under the right circumstances, it may even be possible to turn this into a remote file inclusion which could allow a commands to be executed. This vulnerability was critical since it is possible to obtain sensitive data.

Vulnerable Version:

This vulnerability was tested against ArcticDesk v1.2.4.

Fixed Version:

This vulnerability was patched in ArcticDesk v1.2.5.

This vulnerability was discovered by Rack911 – A server management and security company.

If you are using any previous version of ArcticDesk, it is strongly recommended that you upgrade it to ArcticDesk v1.2.5 version as soon as possible.

Posted in Security.