EUVD-2018-17948

Malware in sbrugna...

The vulnerability of the Citrix NetScaler delivery mechanism, related to insufficient validation of incoming requests, allows a attacker to execute arbitrary commands with root privileges.

The vulnerability of the Citrix NetScaler web application delivery mechanism lies in insufficient validation of incoming requests. Exploiting this vulnerability allows a malicious actor, operating remotely with webapp privileges, to gain access to the nsroot account and execute arbitrary commands...

Citrix NetScaler VPX Server-Side Request Forgery Vulnerability

NetScaler VPX provides complete NetScaler Web and application load balancing, security and remote access, acceleration, security and offloading capabilities in a simple, easy-to-install virtual appliance. A server-side request forgery vulnerability exists in Citrix NetScaler VPX. An authenticated...

CVE-2018-6186

Citrix NetScaler VPX through NS12.0 53.13.nc allows an SSRF attack via the /rapi/readurl URI by an authenticated attacker who has a webapp account. The attacker can gain access to the nsroot account, and execute remote commands with root privileges...