Citrix NetScaler VPX through NS12.0 53.13.nc allows an SSRF attack via the /rapi/read_url URI by an authenticated attacker who has a webapp account. The attacker can gain access to the nsroot account, and execute remote commands with root privileges.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
citrix netscaler 12.0 |