Reflected code injection in Citrix ADC and Citrix Gateway versions prior to 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions prior to 11.1.1a, 11.0.3d and 10.2.7 allows the modification of a file download.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
citrix application_delivery_controller_firmware |
||
citrix netscaler_gateway_firmware |
||
citrix gateway_firmware |
||
citrix sd-wan_wanop |
Eleven flaws cleaned up including one that may be exploited to sling malware downloads Australian PM says nation under serious state-run 'cyber attack' – Microsoft, Citrix, Telerik UI bugs 'exploited'
Citrix has issued patches for 11 CVE-listed security vulnerabilities in its various networking products. The bundle includes fixes for one code injection bug, three information disclosure flaws, three elevation of privilege bugs, two cross-site scripting vulnerabilities, one denial-of-service hole, and one authorization-bypass flaw. Affected gear includes the Citrix Application Delivery Controller (ADC), Citrix Gateway, and Citrix SD-WAN WANOP. So far there have been no reports of any of the bug...
Vulmon