CVSS: 10.0EPSS: 92%CPEs: 2EXPL: 1CVE-2019-12985
https://notcve.org/view.php?id=CVE-2019-12985
16 Jul 2019 — Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 1 of 6). SD-WAN versiones 10.2.x anteriores a 10.2.3 de Citrix y SD-WAN versiones 10.0.x anteriores a 10.0.8 de NetScaler, presentan una Comprobación de Entrada Inapropiada (problema 1 de 6). • http://www.securityfocus.com/bid/109133 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 10.0EPSS: 92%CPEs: 2EXPL: 1CVE-2019-12986
https://notcve.org/view.php?id=CVE-2019-12986
16 Jul 2019 — Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 2 of 6). SD-WAN versiones 10.2.x anteriores a 10.2.3 de Citrix y SD-WAN versiones 10.0.x anteriores a 10.0.8 de NetScaler, presentan una Comprobación de Entrada Inapropiada (problema 2 de 6). • http://www.securityfocus.com/bid/109133 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 10.0EPSS: 92%CPEs: 2EXPL: 1CVE-2019-12987
https://notcve.org/view.php?id=CVE-2019-12987
16 Jul 2019 — Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 3 of 6). SD-WAN versiones 10.2.x anteriores a 10.2.3 de Citrix y SD-WAN versiones 10.0.x anteriores a 10.0.8 de NetScaler, presentan una Comprobación de Entrada Inapropiada (problema 3 de 6). • http://www.securityfocus.com/bid/109133 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 10.0EPSS: 92%CPEs: 2EXPL: 1CVE-2019-12988
https://notcve.org/view.php?id=CVE-2019-12988
16 Jul 2019 — Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 4 of 6). SD-WAN versiones 10.2.x anteriores a 10.2.3 de Citrix y SD-WAN versiones 10.0.x anteriores a 10.0.8 de NetScaler, presentan una Comprobación de Entrada Inapropiada (problema 4 de 6). • http://www.securityfocus.com/bid/109133 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 10.0EPSS: 91%CPEs: 2EXPL: 1CVE-2019-12990
https://notcve.org/view.php?id=CVE-2019-12990
16 Jul 2019 — Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 allow Directory Traversal. SD-WAN versiones 10.2.x anteriores a 10.2.3 de Citrix y SD-WAN versiones 10.0.x anteriores a 10.0.8 de NetScaler, permiten un Salto de Directorio. • http://www.securityfocus.com/bid/109133 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 9.0EPSS: 2%CPEs: 2EXPL: 1CVE-2019-12992
https://notcve.org/view.php?id=CVE-2019-12992
16 Jul 2019 — Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 6 of 6). SD-WAN versiones 10.2.x anteriores a 10.2.3 de Citrix y SD-WAN versiones 10.0.x anteriores a 10.0.8 de NetScaler, presentan una Comprobación de Entrada Inapropiada (problema 6 de 6). • http://www.securityfocus.com/bid/109133 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 9.8EPSS: 81%CPEs: 2EXPL: 4CVE-2019-12991 – Citrix SD-WAN and NetScaler Command Injection Vulnerability
https://notcve.org/view.php?id=CVE-2019-12991
15 Jul 2019 — Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 5 of 6). SD-WAN versiones 10.2.x anteriores a 10.2.3 de Citrix y SD-WAN versiones 10.0.x anteriores a 10.0.8 de NetScaler, presentan una Comprobación de Entrada Inapropiada (problema 5 de 6). Citrix SD-WAN Appliance version 10.2.2 suffers from authentication bypass and remote command execution vulnerabilities. Authenticated Command Injection in Citrix SD-WAN Appliance and NetScaler SD-WAN Appli... • https://packetstorm.news/files/id/153638 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 9.8EPSS: 81%CPEs: 2EXPL: 4CVE-2019-12989 – Citrix SD-WAN and NetScaler SQL Injection Vulnerability
https://notcve.org/view.php?id=CVE-2019-12989
15 Jul 2019 — Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 allow SQL Injection. SD-WAN versiones 10.2.x anteriores a 10.2.3 de Citrix y SD-WAN versiones 10.0.x anteriores a 10.0.8 de NetScaler, permiten una Inyección SQL. Citrix SD-WAN Appliance version 10.2.2 suffers from authentication bypass and remote command execution vulnerabilities. Citrix SD-WAN and NetScaler SD-WAN allow SQL Injection. • https://packetstorm.news/files/id/153638 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 5.9EPSS: 0%CPEs: 4EXPL: 0CVE-2019-11550
https://notcve.org/view.php?id=CVE-2019-11550
08 May 2019 — Citrix SD-WAN 10.2.x before 10.2.1 and NetScaler SD-WAN 10.0.x before 10.0.7 have Improper Certificate Validation. Citrix SD-WAN 10.2.x versiones anteriores a 10.2.1 y NetScaler SD-WAN 10.0.x anteriores a 10.0.7 tienen una validación de certificado incorrecta. • https://support.citrix.com/article/CTX247735 • CWE-295: Improper Certificate Validation •
CVSS: 7.5EPSS: 4%CPEs: 3EXPL: 0CVE-2018-17444 – Citrix NetScaler SD-WAN SQL Injection / Traversal / Command Injection
https://notcve.org/view.php?id=CVE-2018-17444
23 Oct 2018 — A Directory Traversal issue was discovered in Citrix SD-WAN 10.1.0 and NetScaler SD-WAN 9.3.x before 9.3.6 and 10.0.x before 10.0.4. Se ha descubierto un problema de salto de directorio en Citrix SD-WAN 10.1.0 y NetScaler SD-WAN en versiones 9.3.x anteriores a la 9.3.6 y versiones 10.0.x anteriores a la 10.0.4. The management interfaces of Citrix NetScaler SD-WAN physical appliances and virtual appliances suffer from command injection, information exposure, incorrect access control, IP spoofing, remote SQL ... • http://www.securityfocus.com/bid/105711 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •