CVE-2019-12991


CVSS 8.8 HIGH · EPSS 74.5% · KEV · CWE-78
In short

Citrix SD-WAN and NetScaler SD-WAN versions before specific updates fail to properly validate user input, which can allow attackers to execute arbitrary commands on affected systems.

Technical detail

The vulnerability stems from improper input validation in Citrix SD-WAN 10.2.x (<10.2.3) and NetScaler SD-WAN 10.0.x (<10.0.8), enabling OS command injection (CWE-78). An attacker with network access to the vulnerable application can inject malicious input that bypasses validation filters, leading to unauthenticated remote code execution with system-level privileges.

Summary generated and translated by AI from the official description.
Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 5 of 6).
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected products
n/a · n/a
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
