Recently, a remote code execution vulnerability was discovered in the Citrix NetScaler SD-WAN and Citrix CloudBridge tracked as CVE-2017-6316. The vulnerability exist in the session management functionality. If the cookie holds shell-command data – it is used in a call to system where input is processed unsanitized. This allows an attacker to execute arbitrary commands … Continue reading “Citrix NetScaler SD-WAN and CloudBridge Virtual WAN Management Interface Remote Code Execution Vulnerability”