← Back

CVE-2018-6810

nvd nist
Published: Mar 6, 2018Modified: Nov 21, 2024

JSON object

Loading...
7.5
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Exploitability: 3.9 / Impact: 3.6
Source: NVD

Description

Directory traversal vulnerability in NetScaler ADC 10.5, 11.0, 11.1, and 12.0, and NetScaler Gateway 10.5, 11.0, 11.1, and 12.0 allows remote attackers to traverse the directory on the target system via a crafted request.

Affected (8)

Citrix
2 products
Netscaler Gateway Firmware
Netscaler Application Delivery Controller Firmware
Configuration A
4 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Citrix
Netscaler Gateway Firmware
Version 10.5
Netscaler Gateway Firmware
Version 11.0
Netscaler Gateway Firmware
Version 11.1
Netscaler Gateway Firmware
Version 12.0
Running on/withPlatform Versions
Citrix
Netscaler Gateway
All versions
Configuration B
4 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Citrix
Netscaler Application Delivery Controller Firmware
Version 10.5
Netscaler Application Delivery Controller Firmware
Version 11.0
Netscaler Application Delivery Controller Firmware
Version 11.1
Netscaler Application Delivery Controller Firmware
Version 12.0
Running on/withPlatform Versions
Citrix
Netscaler Application Delivery Controller
All versions

Related CWEs

CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

References (4)

Source: cve@mitre.org
Third Party AdvisoryVDB Entry
Source: cve@mitre.org
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.