Vulnerabilities > Citrix > Netscaler SD WAN > Critical

DATE CVE VULNERABILITY TITLE RISK
2019-07-16 CVE-2019-12985 OS Command Injection vulnerability in Citrix Netscaler Sd-Wan and Sd-Wan
Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 1 of 6).
network
low complexity
citrix CWE-78
critical
 9.8
9.8
2019-07-16 CVE-2019-12986 OS Command Injection vulnerability in Citrix Netscaler Sd-Wan and Sd-Wan
Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 2 of 6).
network
low complexity
citrix CWE-78
critical
 9.8
9.8
2019-07-16 CVE-2019-12987 OS Command Injection vulnerability in Citrix Netscaler Sd-Wan and Sd-Wan
Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 3 of 6).
network
low complexity
citrix CWE-78
critical
 9.8
9.8
2019-07-16 CVE-2019-12988 OS Command Injection vulnerability in Citrix Netscaler Sd-Wan and Sd-Wan
Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 4 of 6).
network
low complexity
citrix CWE-78
critical
 9.8
9.8
2019-07-16 CVE-2019-12989 SQL Injection vulnerability in Citrix Netscaler Sd-Wan and Sd-Wan
Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 allow SQL Injection.
network
low complexity
citrix CWE-89
critical
 9.8
9.8
2019-07-16 CVE-2019-12990 Path Traversal vulnerability in Citrix Netscaler Sd-Wan and Sd-Wan
Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 allow Directory Traversal.
network
low complexity
citrix CWE-22
critical
 9.8
9.8
2018-10-23 CVE-2018-17445 Command Injection vulnerability in Citrix Netscaler Sd-Wan and Sd-Wan
A Command Injection issue was discovered in Citrix SD-WAN 10.1.0 and NetScaler SD-WAN 9.3.x before 9.3.6 and 10.0.x before 10.0.4.
network
low complexity
citrix CWE-77
critical
 9.8
9.8
2018-10-23 CVE-2018-17446 SQL Injection vulnerability in Citrix Netscaler Sd-Wan and Sd-Wan
A SQL Injection issue was discovered in Citrix SD-WAN 10.1.0 and NetScaler SD-WAN 9.3.x before 9.3.6 and 10.0.x before 10.0.4.
network
low complexity
citrix CWE-89
critical
 9.8
9.8
2018-10-23 CVE-2018-17448 Unspecified vulnerability in Citrix Netscaler Sd-Wan and Sd-Wan
An Incorrect Access Control issue was discovered in Citrix SD-WAN 10.1.0 and NetScaler SD-WAN 9.3.x before 9.3.6 and 10.0.x before 10.0.4.
network
low complexity
citrix
critical
 9.8
9.8
2017-07-20 CVE-2017-6316 Unspecified vulnerability in Citrix Netscaler Sd-Wan
Citrix NetScaler SD-WAN devices through v9.1.2.26.561201 allow remote attackers to execute arbitrary shell commands as root via a CGISESSID cookie.
network
low complexity
citrix
critical
 9.8
9.8