exploitDog

GHSA-9f8x-323m-6vw4

Опубликовано: 17 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 9.8

Описание

Citrix NetScaler SD-WAN devices through v9.1.2.26.561201 allow remote attackers to execute arbitrary shell commands as root via a CGISESSID cookie. On CloudBridge (the former name of NetScaler SD-WAN) devices, the cookie name was CAKEPHP rather than CGISESSID.

Citrix NetScaler SD-WAN devices through v9.1.2.26.561201 allow remote attackers to execute arbitrary shell commands as root via a CGISESSID cookie. On CloudBridge (the former name of NetScaler SD-WAN) devices, the cookie name was CAKEPHP rather than CGISESSID.

Ссылки

EPSS

Процентиль: 99%

0.87787

Высокий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-20

Связанные уязвимости

CVE-2017-6316

CVSS3: 9.8

nvd

больше 8 лет назад

Citrix NetScaler SD-WAN devices through v9.1.2.26.561201 allow remote attackers to execute arbitrary shell commands as root via a CGISESSID cookie. On CloudBridge (the former name of NetScaler SD-WAN) devices, the cookie name was CAKEPHP rather than CGISESSID.

BDU:2017-02113

fstec

почти 9 лет назад

Уязвимость компонента интерфейса управления средства доставки веб-приложений NetScaler SD-WAN, позволяющая нарушителю выполнить произвольную shell-команду

EPSS

Процентиль: 99%

0.87787

Высокий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-20