CVSS: 9.0EPSS: 0%CPEs: 27EXPL: 0CVE-2015-5080
https://notcve.org/view.php?id=CVE-2015-5080
16 Jul 2015 — The Management Interface in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway 10.1 before 10.1.132.8, 10.5 before Build 56.15, and 10.5.e before Build 56.1505.e allows remote authenticated users to execute arbitrary shell commands via shell metacharacters in the filter parameter to rapi/ipsec_logs. La interfaz de gestión en Citrix NetScaler Application Delivery Controller (ADC) y NetScaler Gateway 10.1 anterior a 10.1.132.8, 10.5 anterior a Build 56.15 y 10.5.e anterior a Build 56... • http://security-assessment.com/files/documents/advisory/Citrix-Netscaler-Final.pdf • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 6.5EPSS: 0%CPEs: 24EXPL: 0CVE-2014-8580
https://notcve.org/view.php?id=CVE-2014-8580
07 Nov 2014 — Citrix NetScaler Application Delivery Controller and NetScaler Gateway 10.5.50.10 before 10.5-52.11, 10.1.122.17 before 10.1-129.11, and 10.1-120.1316.e before 10.1-129.1105.e, when using unspecified configurations, allows remote authenticated users to access "network resources" of other users via unknown vectors. Citrix NetScaler Application Delivery Controller y NetScaler Gateway 10.5.50.10 anterior a 10.5-52.11, 10.1.122.17 anterior a 10.1-129.11, y 10.1-120.1316.e anterior a 10.1-129.1105.e, cunado util... • http://secunia.com/advisories/62114 • CWE-264: Permissions, Privileges, and Access Controls •