CVE-2020-8194 PoC — Citrix Systems Citrix Application Delivery Controller、Citrix Gateway和Citrix SDWAN WAN-OP 代码注入漏洞

Source

https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2020/CVE-2020-8194.yaml

Associated Vulnerability

Title:Citrix Systems Citrix Application Delivery Controller、Citrix Gateway和Citrix SDWAN WAN-OP 代码注入漏洞 (CVE-2020-8194)
Description:Citrix Systems Citrix Application Delivery Controller（ADC）等都是美国思杰系统（Citrix Systems）公司的产品。Citrix Application Delivery Controller是一款应用交付控制器。Citrix Systems Gateway（Citrix Systems NetScaler Gateway）是一套安全的远程接入解决方案。Citrix System SDWAN WAN-OP是一款SD-WAN（虚拟软件定义的广域网

Description

Citrix ADC and NetScaler Gateway are susceptible to remote code injection. An attacker can potentially execute malware, obtain sensitive information, modify data, and/or gain full control over a compromised system without entering necessary credentials. Affected versions are before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18. Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 allow modification of a file download.

File Snapshot


 id: CVE-2020-8194

info:
  name: Citrix ADC and Citrix NetScaler Gateway - Remote Code Injection
  a

...

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!