CVSS: 5.9EPSS: 0%CPEs: 4EXPL: 0CVE-2019-11550
https://notcve.org/view.php?id=CVE-2019-11550
08 May 2019 — Citrix SD-WAN 10.2.x before 10.2.1 and NetScaler SD-WAN 10.0.x before 10.0.7 have Improper Certificate Validation. Citrix SD-WAN 10.2.x versiones anteriores a 10.2.1 y NetScaler SD-WAN 10.0.x anteriores a 10.0.7 tienen una validación de certificado incorrecta. • https://support.citrix.com/article/CTX247735 • CWE-295: Improper Certificate Validation •
CVSS: 7.5EPSS: 4%CPEs: 3EXPL: 0CVE-2018-17444 – Citrix NetScaler SD-WAN SQL Injection / Traversal / Command Injection
https://notcve.org/view.php?id=CVE-2018-17444
23 Oct 2018 — A Directory Traversal issue was discovered in Citrix SD-WAN 10.1.0 and NetScaler SD-WAN 9.3.x before 9.3.6 and 10.0.x before 10.0.4. Se ha descubierto un problema de salto de directorio en Citrix SD-WAN 10.1.0 y NetScaler SD-WAN en versiones 9.3.x anteriores a la 9.3.6 y versiones 10.0.x anteriores a la 10.0.4. The management interfaces of Citrix NetScaler SD-WAN physical appliances and virtual appliances suffer from command injection, information exposure, incorrect access control, IP spoofing, remote SQL ... • http://www.securityfocus.com/bid/105711 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 9.8EPSS: 2%CPEs: 3EXPL: 0CVE-2018-17445 – Citrix NetScaler SD-WAN SQL Injection / Traversal / Command Injection
https://notcve.org/view.php?id=CVE-2018-17445
23 Oct 2018 — A Command Injection issue was discovered in Citrix SD-WAN 10.1.0 and NetScaler SD-WAN 9.3.x before 9.3.6 and 10.0.x before 10.0.4. Se ha descubierto un problema de inyección de comandos en Citrix SD-WAN 10.1.0 y NetScaler SD-WAN en versiones 9.3.x anteriores a la 9.3.6 y versiones 10.0.x anteriores a la 10.0.4. The management interfaces of Citrix NetScaler SD-WAN physical appliances and virtual appliances suffer from command injection, information exposure, incorrect access control, IP spoofing, remote SQL ... • http://www.securityfocus.com/bid/105711 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 0CVE-2018-17446 – Citrix NetScaler SD-WAN SQL Injection / Traversal / Command Injection
https://notcve.org/view.php?id=CVE-2018-17446
23 Oct 2018 — A SQL Injection issue was discovered in Citrix SD-WAN 10.1.0 and NetScaler SD-WAN 9.3.x before 9.3.6 and 10.0.x before 10.0.4. Se ha descubierto un problema de inyección SQL en Citrix SD-WAN 10.1.0 y NetScaler SD-WAN en versiones 9.3.x anteriores a la 9.3.6 y versiones 10.0.x anteriores a la 10.0.4. The management interfaces of Citrix NetScaler SD-WAN physical appliances and virtual appliances suffer from command injection, information exposure, incorrect access control, IP spoofing, remote SQL injection, a... • http://www.securityfocus.com/bid/105711 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2018-17447 – Citrix NetScaler SD-WAN SQL Injection / Traversal / Command Injection
https://notcve.org/view.php?id=CVE-2018-17447
23 Oct 2018 — An Information Exposure Through Log Files issue was discovered in Citrix SD-WAN 10.1.0 and NetScaler SD-WAN 9.3.x before 9.3.6 and 10.0.x before 10.0.4. Se ha descubierto un problema de exposición de información mediante archivos de registro en Citrix SD-WAN 10.1.0 y NetScaler SD-WAN en versiones 9.3.x anteriores a la 9.3.6 y versiones 10.0.x anteriores a la 10.0.4. The management interfaces of Citrix NetScaler SD-WAN physical appliances and virtual appliances suffer from command injection, information expo... • http://www.securityfocus.com/bid/105711 • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 0CVE-2018-17448 – Citrix NetScaler SD-WAN SQL Injection / Traversal / Command Injection
https://notcve.org/view.php?id=CVE-2018-17448
23 Oct 2018 — An Incorrect Access Control issue was discovered in Citrix SD-WAN 10.1.0 and NetScaler SD-WAN 9.3.x before 9.3.6 and 10.0.x before 10.0.4. Se ha descubierto un problema de control de acceso incorrecto en Citrix SD-WAN 10.1.0 y NetScaler SD-WAN en versiones 9.3.x anteriores a la 9.3.6 y versiones 10.0.x anteriores a la 10.0.4. The management interfaces of Citrix NetScaler SD-WAN physical appliances and virtual appliances suffer from command injection, information exposure, incorrect access control, IP spoofi... • http://www.securityfocus.com/bid/105711 •
CVSS: 7.5EPSS: 3%CPEs: 7EXPL: 0CVE-2018-5314
https://notcve.org/view.php?id=CVE-2018-5314
01 Mar 2018 — Command injection vulnerability in Citrix NetScaler ADC and NetScaler Gateway 11.0 before build 70.16, 11.1 before build 55.13, and 12.0 before build 53.13; and the NetScaler Load Balancing instance distributed with NetScaler SD-WAN/CloudBridge 4000, 4100, 5000 and 5100 WAN Optimization Edition 9.3.0 allows remote attackers to execute a system command or read arbitrary files via an SSH login prompt. Vulnerabilidad de inyección de comandos en Citrix NetScaler ADC y NetScaler Gateway en versiones 11.0 anterio... • http://www.securityfocus.com/bid/103186 • CWE-287: Improper Authentication •