How to Set CloudBridge 2000\3000 SVM Management IP Address Using LOM Port

This article describes how to set CloudBridge 2000\3000 appliance's SVM Management IP address by using the Lights Out Management LOM port. Requirements:- You require a routable remote IP connectivity to the LOM port for Graphical User Interface GUI and access to the Service VM SVM GUI to run the...

CloudBridge Virtual WAN Gateway Mode and Inline Deployment Steps

This article provides step-by-step procedure in configuring a CloudBridge Virtual WAN appliance in Gateway mode based on a sample network setup...

How to Reset the XenServer Host Password on a CloudBridge 2000/3000/4000/5000

This article describes how to reset the XenServer Host password on a CloudBridge 2000/3000/4000/5000. The procedure can be completed when credentials are not working to access the SVM, XS, and Serial Console...

CloudBridge 4000 and 5000 to Optimize NetApp SnapMirror Traffic1

This article describes how you can configure Citrix CloudBridge 4000 and 5000 to optimize NetApp SnapMirror traffic between two Data centers. The article also provides the benchmarking results from lab testing efforts to quantify the gains that can be attained by deploying NetApp SnapMirror...

Acceleration Does Not Work After Cisco ASA 8.x is Configured to Allow TCP Options

Installed Citrix CloudBridge as INLINE in two sites, which are connected through an IPSec VPN using Cisco ASA firewall. The TCP option policy, as suggested in CTX112401 – Acceleration Does Not Take Place for Configured Traffic Types, is applied to ASA, but acceleration still does not work. The...

How to Apply DSCP Marking to CloudBridge Appliance with QoS Enabled

This article explains how to apply DSCP marking to CloudBridge appliance when Quality of Service QoSis enabled. Background Many networking environments use different QoS engine/traffic shaper outside of CloudBridge and hence disable the QoS feature of CloudBridge. Some of the users however would...

CloudBridge Virtual WAN PBR Mode and Inline Deployment Steps

This article depicts a step-by-step procedure to configure two CloudBridge Virtual WAN appliances: Data Center Appliance in PBR mode Virtual Inline Mode Branch Appliance in Inline mode...

How to Find Maximum Size of IP Data Payload that can Traverse WAN Environment Without Fragmentation

Citrix SD-WAN, formerly NetScaler SD-WAN This article describes how to find out the maximum size of IP data payload that can traverse a WAN environment without fragmentation. Background The CloudBridge acceleration parameters are sent through TCP options, which use the space in the IP data payloa...

FAQ: Fail-To-Wire Feature in CloudBridge 2000 and 3000 Appliances

This article is an FAQ on the Fail-To-Wire FTW functionality found in the new Citrix CloudBridge 2000 and Citrix CloudBridge 3000 appliances. Q: What is the supported software release? A : The FTW feature is supported with the following software releases: SVM build: NS 10.0.72.5007 CloudBridge...

How to Change the Date, Time and Time Zone in CloudBridge

This article provides information on how to set the correct date, time and time zone through the CloudBridge UI...

VulnCheck KEV: CVE-2017-6316

A vulnerability has been identified in the management interface of Citrix NetScaler SD-WAN Enterprise and Standard Edition and Citrix CloudBridge Virtual WAN Edition that could result in an unauthenticated, remote attacker being able to execute arbitrary code as a root user. This vulnerability...

CVE-2018-5314

Command injection vulnerability in Citrix NetScaler ADC and NetScaler Gateway 11.0 before build 70.16, 11.1 before build 55.13, and 12.0 before build 53.13; and the NetScaler Load Balancing instance distributed with NetScaler SD-WAN/CloudBridge 4000, 4100, 5000 and 5100 WAN Optimization Edition...

CVE-2017-14602 - Authentication Bypass Vulnerability in the Management Interface of Citrix NetScaler SD-WAN/CloudBridge 4000, 4100, 5000 and 5100 WAN Optimization Edition Appliances

Description of Problem A vulnerability has been identified in the management interface of the Citrix NetScaler SD-WAN/CloudBridge 4000, 4100, 5000 and 5100 WAN Optimization Edition appliances. This vulnerability, if exploited, could allow an attacker with access to the management interface of the...

Citrix CloudBridge RCE

Remote command execution vulnerability in Citrix CloudBridge Vulnerability Type: Remote Command Execution For the exploit source code contact DSquare Security sales team...

CVE-2017-6316

Citrix NetScaler SD-WAN devices through v9.1.2.26.561201 allow remote attackers to execute arbitrary shell commands as root via a CGISESSID cookie. On CloudBridge the former name of NetScaler SD-WAN devices, the cookie name was CAKEPHP rather than CGISESSID...

Design/Logic Flaw

Citrix NetScaler SD-WAN devices through v9.1.2.26.561201 allow remote attackers to execute arbitrary shell commands as root via a CGISESSID cookie. On CloudBridge the former name of NetScaler SD-WAN devices, the cookie name was CAKEPHP rather than CGISESSID...

CVE-2017-6316

Citrix NetScaler SD-WAN devices through v9.1.2.26.561201 allow remote attackers to execute arbitrary shell commands as root via a CGISESSID cookie. On CloudBridge the former name of NetScaler SD-WAN devices, the cookie name was CAKEPHP rather than CGISESSID...

Citrix CloudBridge - CAKEPHP Cookie Command Injection Vulnerability

Exploit for cgi platform in category web applications POST /cgi-bin/login.cgi?redirect=/ HTTP/1.1 Host: 10.242.129.149 Accept: / Accept-Language: en User-Agent: Mozilla/5.0 compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0 Connection: close Referer:...

Citrix CloudBridge CAKEPHP Cookie Command Injection

POST /cgi-bin/login.cgi?redirect=/ HTTP/1.1 Host: 10.242.129.149 Accept: / Accept-Language: en User-Agent: Mozilla/5.0 compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0 Connection: close Referer: https://10.242.129.149/cgi-bin/login.cgi?redirect=/ Cookie: CAKEPHP=sleep 10 Content-Type...

Citrix CloudBridge - CAKEPHP Cookie Command Injection

Citrix CloudBridge - CAKEPHP Cookie Command Injection POST /cgi-bin/login.cgi?redirect=/ HTTP/1.1 Host: 10.242.129.149 Accept: / Accept-Language: en User-Agent: Mozilla/5.0 compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0 Connection: close Referer:...