Vulnerability Details : CVE-2017-6316
Citrix NetScaler SD-WAN devices through v9.1.2.26.561201 allow remote attackers to execute arbitrary shell commands as root via a CGISESSID cookie. On CloudBridge (the former name of NetScaler SD-WAN) devices, the cookie name was CAKEPHP rather than CGISESSID.
Vulnerability category: Input validation
CVE-2017-6316 is in the CISA Known Exploited Vulnerabilities Catalog
CISA vulnerability name:
Citrix Multiple Products Remote Code Execution Vulnerability
CISA required action:
Apply updates per vendor instructions.
CISA description:
A vulnerability has been identified in the management interface of Citrix NetScaler SD-WAN Enterprise and Standard Edition and Citrix CloudBridge Virtual WAN Edition that could result in an unauthenticated, remote attacker being able to execute arbitrary code as a root user. This vulnerability also
Added on
2022-03-25
Action due date
2022-04-15
Exploit prediction scoring system (EPSS) score for CVE-2017-6316
Probability of exploitation activity in the next 30 days: 96.17%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 99 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2017-6316
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
10.0
|
HIGH | AV:N/AC:L/Au:N/C:C/I:C/A:C |
10.0
|
10.0
|
NIST |
9.8
|
CRITICAL | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
3.9
|
5.9
|
NIST |
CWE ids for CVE-2017-6316
-
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.Assigned by: nvd@nist.gov (Primary)
References for CVE-2017-6316
-
https://www.exploit-db.com/exploits/42345/
Netscaler SD-WAN 9.1.2.26.561201 - Command Injection (Metasploit)Exploit;Third Party Advisory;VDB Entry
-
https://www.exploit-db.com/exploits/42346/
Citrix CloudBridge - 'CAKEPHP' Cookie Command InjectionThird Party Advisory;VDB Entry
-
http://www.securityfocus.com/bid/99943
Multiple Citrix Products CVE-2017-6316 Remote Code Execution Vulnerability
-
https://support.citrix.com/article/CTX225990
Vulnerability in Citrix NetScaler SD-WAN Enterprise & Standard Edition and Citrix CloudBridge Virtual WAN Edition Could Result in Unauthenticated Remote Code Execution
-
http://www.securitytracker.com/id/1039019
Citrix NetScaler SD-WAN Unspecified Flaw in Management Interface Lets Remote Users Execute Arbitrary Code on the Target System - SecurityTracker
Products affected by CVE-2017-6316
- cpe:2.3:a:citrix:netscaler_sd-wan:*:*:*:*:*:*:*:*