GradeZero Music Band

Wednesday, November 7, 2018

Citrix NetScaler SD-WAN vulnerabilities details

On CTX236992, mode details and exploitation vectors by Sergey Gordeychik, Denis Kolegov, Nikita Oleksov, Nikolay Tkachenko, Oleg Broslavsky

Unauthenticated Access to Munin Service
Incorrect Access Controls
Cross-Site Request Forgery
Use of CakePHP Component with Known Vulnerabilities
Cross-Site Scripting(s)
Path Traversal(s)
SQL Injection(s)
Slow HTTP DoS Attacks
Session ID Leakage
Sudo Misconfiguration
OS Command Injection(s)



Write-up

Enjoy

No comments:

Post a Comment