9 matches found
CVE-2026-4116
Improper handling of Unicode encoding in SonicWall SMA1000 series appliances allows a remote authenticated SSLVPN user to bypass Workplace/Connect Tunnel TOTP authentication...
CVE-2026-20014
The CVE concerns Cisco Secure Firewall ASA Software and Cisco Secure FTD Software with an IKEv2 handling flaw. An authenticated remote attacker with valid VPN user credentials can send crafted IKEv2 packets to trigger a DoS by exhausting memory, leading to a device reload and potential impact on ...
CVE-2020-27724
In BIG-IP APM versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.4, 15.0.0-15.0.1.3, 14.1.0-14.1.3, 13.1.0-13.1.3.4, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2, on systems running more than one TMM instance, authenticated VPN users may consume excessive resources by sending specially-crafted malicious traffic ove...
CVE-2019-18177
In certain Citrix products, information disclosure can be achieved by an authenticated VPN user when there is a configured SSL VPN endpoint. This affects Citrix ADC and Citrix Gateway 13.0-58.30 and later releases before the CTX276688 update...
Aviatrix Gateway Authorization Issue Vulnerability
Aviatrix Gateway is a single common platform for multi-cloud networks from Aviatrix USA. A security vulnerability in Aviatrix Gateway versions prior to 6.6.5712 and 6.7.x prior to 6.7.1376 stems from an API function that improperly handles authentication, allowing an authenticated VPN user to...
Code injection
In BIG-IP APM versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.4, 15.0.0-15.0.1.3, 14.1.0-14.1.3, 13.1.0-13.1.3.4, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2, on systems running more than one TMM instance, authenticated VPN users may consume excessive resources by sending specially-crafted malicious traffic ove...
CVE-2020-27724
The CVE-2020-27724 entry concerns F5 BIG-IP APM with multiple TMM instances where authenticated VPN users can exhaust resources by sending crafted traffic through the VPN tunnel. Affected releases include BIG-IP APM 16.x (16.0.0–16.0.0.1), 15.x (15.1.0–15.1.0.4, 15.0.0–15.0.1.3), 14.x (14.1.0–14....
PT-2020-6826 · Citrix · Citrix Adc +1
Name of the Vulnerable Software and Affected Versions: Citrix ADC and Citrix Gateway versions 13.0-58.30 and later releases before the CTX276688 update. Description: The issue is related to insufficient protection of service data in the implementation of SSL VPN controller delivery in Citrix ADC a...
Heap Overflow Vulnerability in Citrix NetScaler Gateway (CVE-2017-7219)
After presenting my findings on the Swisscom router at the CybSecConference last year, I started looking for a new product to analyze. I quickly found that it’s possible to download virtual “demo” appliances of Citrix products, so I went on to download a Netscaler VPX, which at the time was at...