Citrix: >> Netscaler Sd-Wan >> 9.1.2.26.561201 Security Vulnerabilities
Citrix SD-WAN 10.2.x before 10.2.1 and NetScaler SD-WAN 10.0.x before 10.0.7 have Improper Certificate Validation.
CVSS Score
5.9
EPSS Score
0.001
Published
2019-05-08
CVE-2017-6316
Citrix NetScaler SD-WAN devices through v9.1.2.26.561201 allow remote attackers to execute arbitrary shell commands as root via a CGISESSID cookie. On CloudBridge (the former name of NetScaler SD-WAN) devices, the cookie name was CAKEPHP rather than CGISESSID.
Known exploited
CVSS Score
9.8
EPSS Score
0.884
Published
2017-07-20