Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
citrix sd-wan vulnerabilities and exploits
(subscribe to this query)
8.1
CVSSv3
CVE-2021-22927
A session fixation vulnerability exists in Citrix ADC and Citrix Gateway 13.0-82.45 when configured SAML service provider that could allow an malicious user to hijack a session.
Citrix Application Delivery Controller Firmware
Citrix Netscaler Gateway
Citrix Gateway
6.5
CVSSv3
CVE-2020-8300
Citrix ADC and Citrix/NetScaler Gateway prior to 13.0-82.41, 12.1-62.23, 11.1-65.20 and Citrix ADC 12.1-FIPS prior to 12.1-55.238 suffer from improper access control allowing SAML authentication hijack through a phishing attack to steal a valid user session. Note that Citrix ADC ...
Citrix Netscaler Gateway
Citrix Gateway
Citrix Application Delivery Controller Firmware
1 Github repository
6.5
CVSSv3
CVE-2021-22920
A vulnerability has been discovered in Citrix ADC (formerly known as NetScaler ADC) and Citrix Gateway (formerly known as NetScaler Gateway), and Citrix SD-WAN WANOP Edition models 4000-WO, 4100-WO, 5000-WO, and 5100-WO. These vulnerabilities, if exploited, could lead to a phishi...
Citrix Gateway 13.0-82.42
Citrix Gateway 12.1-62.25
Citrix Application Delivery Management 12.1-62.25
Citrix Application Delivery Management 13.0-82.42
7.5
CVSSv3
CVE-2021-22955
A unauthenticated denial of service vulnerability exists in Citrix ADC <13.0-83.27, <12.1-63.22 and 11.1-65.23 when configured as a VPN (Gateway) or AAA virtual server could allow an malicious user to cause a temporary disruption of the Management GUI, Nitro API, and RPC co...
Citrix Application Delivery Controller Firmware
Citrix Gateway
8.8
CVSSv3
CVE-2020-8197
Privilege escalation vulnerability on Citrix ADC and Citrix Gateway versions prior to 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 allows a low privileged user with management access to execute arbitrary commands.
Citrix Application Delivery Controller Firmware
Citrix Netscaler Gateway Firmware
Citrix Gateway Firmware
1 Article
7.5
CVSSv3
CVE-2020-8187
Improper input validation in Citrix ADC and Citrix Gateway versions prior to 11.1-63.9 and 12.0-62.10 allows unauthenticated users to perform a denial of service attack.
Citrix Application Delivery Controller Firmware
Citrix Netscaler Gateway Firmware
1 Article
7.2
CVSSv3
CVE-2017-14602
A vulnerability has been identified in the management interface of Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway 10.1 before build 135.18, 10.5 before build 66.9, 10.5e before build 60.7010.e, 11.0 before build 70.16, 11.1 before build 55.13, and 12...
Citrix Netscaler Gateway Firmware 10.1
Citrix Netscaler Gateway Firmware 10.5e
Citrix Netscaler Gateway Firmware 11.0
Citrix Netscaler Gateway Firmware 10.5
Citrix Netscaler Gateway Firmware 11.1
Citrix Application Delivery Controller Firmware 12.0
Citrix Application Delivery Controller Firmware 10.1
Citrix Application Delivery Controller Firmware 11.0
Citrix Application Delivery Controller Firmware 11.1
Citrix Application Delivery Controller Firmware 10.5e
Citrix Application Delivery Controller Firmware 10.5
Citrix Netscaler Gateway Firmware 12.0
7.8
CVSSv3
CVE-2020-8199
Improper access control in Citrix ADC Gateway Linux client versions prior to 1.0.0.137 results in local privilege escalation to root.
Citrix Gateway Plug-in For Linux
1 Article
9.8
CVSSv3
CVE-2019-19781
An issue exists in Citrix Application Delivery Controller (ADC) and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0. They allow Directory Traversal.
Citrix Application Delivery Controller Firmware 10.5
Citrix Application Delivery Controller Firmware 11.1
Citrix Application Delivery Controller Firmware 12.0
Citrix Application Delivery Controller Firmware 12.1
Citrix Application Delivery Controller Firmware 13.0
Citrix Netscaler Gateway Firmware 10.5
Citrix Netscaler Gateway Firmware 11.1
Citrix Netscaler Gateway Firmware 12.0
Citrix Netscaler Gateway Firmware 12.1
Citrix Gateway Firmware 13.0
2 Metasploit modules
64 Github repositories
21 Articles
7.5
CVSSv3
CVE-2016-4793
The clientIp function in CakePHP 3.2.4 and previous versions allows remote malicious users to spoof their IP via the CLIENT-IP HTTP header.
Cakephp Cakephp
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-38627
CVE-2022-45803
CVE-2024-38319
camera
template injection
CVE-2024-27801
CVE-2024-0762
CVE-2024-5791
unauthorized
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »