SSRF Vulnerability in Citrix NetScaler VPX through NS12.0 53.13.nc

SSRF Vulnerability in Citrix NetScaler VPX through NS12.0 53.13.nc

CVE-2018-6186 · HIGH Severity

AV:N/AC:L/AU:S/C:C/I:C/A:C

Citrix NetScaler VPX through NS12.0 53.13.nc allows an SSRF attack via the /rapi/read_url URI by an authenticated attacker who has a webapp account. The attacker can gain access to the nsroot account, and execute remote commands with root privileges.

Learn more about our Web App Pen Testing.