Arbitrary Command Execution Vulnerability in Citrix NetScaler Product
CVE-2015-5080
Currently unrated
Key Information:
- Vendor
- Citrix
- Vendor
- CVE Published:
- 16 July 2015
Summary
The Management Interface of Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway is vulnerable, allowing remote authenticated users to execute arbitrary shell commands. This is possible through the misuse of shell metacharacters in the filter parameter to the rapi/ipsec_logs endpoint. This vulnerability presents a significant risk, as it can be exploited to gain unauthorized access and control over the affected systems.
References
Timeline
Vulnerability published
Vulnerability Reserved