Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2020-8209
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Improper access control in Citrix XenMobile Server 10.12 before RP2, Citrix XenMobile Server 10.11 before RP4, Citrix XenMobile Server 10.10 before RP6 and Citrix XenMobile Server before 10.9 RP5 and leads to the ability to read arbitrary files.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
对路径名的限制不恰当(路径遍历)
Source: NVD (National Vulnerability Database)
Vulnerability Title
Citrix Systems XenMobile Server 路径遍历漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Citrix Systems XenMobile Server是美国思杰系统(Citrix Systems)公司的一套移动管理解决方案。该方案能够管理移动设备、制定移动策略和合规性规则、深入了解移动移动网络运行情况等。 Citrix Systems XenMobile Server中存在路径遍历漏洞。攻击者可利用该漏洞读取正在运行应用程序的服务器上的任意文件。以下产品及版本受到影响:Citrix Systems XenMobile Server 10.12 RP2之前版本,10.11 RP4之前版本,10
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
VendorProductAffected VersionsCPESubscribe
-Citrix XenMobile Server Citrix XenMobile Server 10.12 RP2, Citrix XenMobile Server 10.11 RP4, Citrix XenMobile Server 10.10 RP6 and Citrix XenMobile Server before 10.9 RP5 -
II. Public POCs for CVE-2020-8209
#POC DescriptionSource LinkShenlong Link
1该脚本为Citrix XenMobile 目录遍历漏洞(CVE-2020-8209)批量检测脚本。https://github.com/B1anda0/CVE-2020-8209POC Details
2Citrix XenMobile Server 10.12 before RP2, Citrix XenMobile Server 10.11 before RP4, Citrix XenMobile Server 10.10 before RP6, and Citrix XenMobile Server before 10.9 RP5 are susceptible to local file inclusion vulnerabilities. reference: - https://swarm.ptsecurity.com/path-traversal-on-citrix-xenmobile-server/ - https://support.citrix.com/article/CTX277457 - https://nvd.nist.gov/vuln/detail/CVE-2020-8209 https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2020/CVE-2020-8209.yamlPOC Details
3Nonehttps://github.com/Threekiii/Awesome-POC/blob/master/Web%E5%BA%94%E7%94%A8%E6%BC%8F%E6%B4%9E/Citrix%20XenMobile%20%E4%BB%BB%E6%84%8F%E6%96%87%E4%BB%B6%E8%AF%BB%E5%8F%96%20CVE-2020-8209.mdPOC Details
4Nonehttps://github.com/chaitin/xray-plugins/blob/main/poc/manual/citrix-xenmobile-cve-2020-8209.ymlPOC Details
AI-Generated POCPremium

No public POC found.

Login to generate AI POC
III. Intelligence Information for CVE-2020-8209
Please Login to view more intelligence information
IV. Related Vulnerabilities
Same product: Citrix XenMobile Server
Same vendor: n/a
Same weakness: CWE-22
V. Comments for CVE-2020-8209

No comments yet

Leave a comment