Citrix SD-WAN Multiple Security Vulnerabilities

Citrix SD-WAN is prone to multiple security vulnerabilities because it fails to sufficiently sanitize user-supplied input.

Exploiting these issues may allow an attacker to compromise the application, access or modify data, exploit vulnerabilities in the underlying database, execute arbitrary code, or obtain sensitive information using directory-traversal characters ('../') to access files outside of the restricted directory. This may lead to other attacks.

Following product versions are vulnerable:

Citrix SD-WAN 10.1.0
NetScaler SD-WAN 9.3.x before 9.3.6
NetScaler SD-WAN 10.0.x before 10.0.4


 

Privacy Statement
Copyright 2010, SecurityFocus