Citrix SD-WAN Center and NetScaler SD-WAN Center addModifyZTDProxy Unauthenticated Remote Command Injection
Critical Nessus Plugin ID 130347
Synopsis: The remote host is affected by a remote command injection vulnerability.
Description: The remote Citrix SD-WAN Center or NetScaler SD-WAN Center is affected by a remote command injection vulnerability due to improper sanitization of user-supplied input in the addModifyZTDProxy action of NmsController. An unauthenticated, remote attacker can exploit this, via a specially crafted HTTP request, to execute arbitrary commands on the remote host with root privileges.
Note that Nessus can perform an additional check for this vulnerability. To do so, re-run the scan with the setting 'Perform thorough tests (may disrupt your network or impact scan speed)' enabled.
Solution: Upgrade to Citrix SD-WAN Center version 10.2.3 or later, or NetScaler SD-WAN Center version 10.0.8 or later.