Arbitrary Command Execution Vulnerability in Citrix NetScaler Product
CVE-2015-5080

Currently unrated

Key Information:

Vendor

Citrix
Status
Netscaler Application Delivery Controller Firmware
Netscaler Gateway Firmware
Vendor
CVE Published:
16 July 2015

What is CVE-2015-5080?

The Management Interface of Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway is vulnerable, allowing remote authenticated users to execute arbitrary shell commands. This is possible through the misuse of shell metacharacters in the filter parameter to the rapi/ipsec_logs endpoint. This vulnerability presents a significant risk, as it can be exploited to gain unauthorized access and control over the affected systems.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://security-assessment.com/files/documents/advisory/C...
x_refsource_MISC
http://support.citrix.com/article/CTX201149
x_refsource_CONFIRM
http://www.securitytracker.com/id/1032762
vdb-entryx_refsource_SECTRACK

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.