SonicALERT
Search

Sonicwall Signatures

 

Go to All Categories list.


  Citrix SD-WAN Center Command Injection 9

Category: IoT-ATTACKS      

The "create" action in UsersController is susceptible to command injection by a remote, authenticated attacker. Specifically, the create function does not sufficiently validate or sanitize HTTP request parameter values that are used to construct a shell command. Affected Products are NetScaler SD-WAN 9.x, NetScaler SD-WAN 10.0.x before 10.0.8, Citrix SD-WAN 10.1.x, Citrix SD-WAN 10.2.x before 10.2.3.


Relevant Information