The management interfaces of Citrix NetScaler SD-WAN physical appliances and virtual appliances suffer from command injection, information exposure, incorrect access control, IP spoofing, remote SQL injection, and directory traversal vulnerabilities.
e7627b90298023da272c5c16d0da665c56143382a6c2331b9af84784625a3870Multiple vulnerabilities have been identified in the management
interface of Citrix NetScaler SD-WAN physical appliances and virtual
appliances. Collectively these vulnerabilities could allow an
unauthenticated attacker with access to the management interface to
compromise the host.
http://www.scada.sl/2018/10/citrix-netscaler-sd-wan-bugsfixes.html
CVE-2018-17444 - Directory traversal in Citrix SD-WAN 10.1.0 and
NetScaler SD-WAN 9.3.x before 9.3.6 and 10.0.x before 10.0.4.
CVE-2018-17445 - Command Injection in Citrix SD-WAN 10.1.0 and
NetScaler SD-WAN 9.3.x before 9.3.6 and 10.0.x before 10.0.4.
CVE-2018-17446 - SQL Injection in in Citrix SD-WAN 10.1.0 and
NetScaler SD-WAN 9.3.x before 9.3.6 and 10.0.x before 10.0.4.
CVE-2018-17447 - Information exposure through log files in Citrix
SD-WAN 10.1.0 and NetScaler SD-WAN 9.3.x before 9.3.6 and 10.0.x
before 10.0.4.
CVE-2018-17448 - Incorrect Access Controls in Citrix SD-WAN 10.1.0 and
NetScaler SD-WAN 9.3.x before 9.3.6 and 10.0.x before 10.0.4.
CVE-2012-2104 - Munin Remote Command Injection Vulnerability.
CVE-2016-4793 - The clientIp function in CakePHP 3.2.4 and earlier
allows remote attackers to spoof their IP via the CLIENT-IP HTTP
header.
Citrix NetScaler SD-WAN WAN Optimization Edition is not affected.
Credits
Denis Kolegov, Nikita Oleksov, Nikolay Tkachenko, Oleg Broslavsky,
Sergey Gordeychik
Kudos
Citrix Security Response Team
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed