Back to search
CVE-2017-6316
Published: Jul 20, 2017
Modified: Oct 21, 2025
PUBLISHED
Description
Citrix NetScaler SD-WAN devices through v9.1.2.26.561201 allow remote attackers to execute arbitrary shell commands as root via a CGISESSID cookie. On CloudBridge (the former name of NetScaler SD-WAN) devices, the cookie name was CAKEPHP rather than CGISESSID.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
1039019
vdb-entry
x_refsource_SECTRACK
https://support.citrix.com/article/CTX225990
x_refsource_CONFIRM
42345
exploit
x_refsource_EXPLOIT-DB
99943
vdb-entry
x_refsource_BID
42346
exploit
x_refsource_EXPLOIT-DB
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now