CVE-2020-8193 PoC — Citrix System SDWAN WAN-OP 授权问题漏洞

Source

https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2020/CVE-2020-8193.yaml

Associated Vulnerability

Title:Citrix System SDWAN WAN-OP 授权问题漏洞 (CVE-2020-8193)
Description:Citrix Systems Citrix System SDWAN WAN-OP是美国思杰系统（Citrix Systems）公司的一款SD-WAN（虚拟软件定义的广域网）设备。 Citrix Systems Citrix ADC、Citrix Gateway和Citrix SDWAN WAN-OP中存在授权问题漏洞。攻击者可利用该漏洞未经身份验证访问某些URL端点。以下产品及版本受到影响：Citrix Systems Citrix ADC 13.0-58.30之前版本，12.1-57.18之前版本，1

Description

Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 are vulnerable to local file inclusion because they allow unauthenticated access to certain URL endpoints.

File Snapshot


 id: CVE-2020-8193

info:
  name: Citrix  - Local File Inclusion
  author: pdteam
  severity: medium


...

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!