Arbitrary Command Execution in Citrix NetScaler ADC and Gateway

Arbitrary Command Execution in Citrix NetScaler ADC and Gateway

CVE-2015-5080 · HIGH Severity

AV:N/AC:L/AU:S/C:C/I:C/A:C

The Management Interface in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway 10.1 before 10.1.132.8, 10.5 before Build 56.15, and 10.5.e before Build 56.1505.e allows remote authenticated users to execute arbitrary shell commands via shell metacharacters in the filter parameter to rapi/ipsec_logs.

Learn more about our Api Penetration Testing.