CVE-2019-12989

CVSS 9.8 CRITICAL · EPSS 94.4% · KEV · CWE-89

In short

Citrix SD-WAN and NetScaler SD-WAN versions before specific patches allow attackers to inject malicious SQL commands into the application, potentially exposing or modifying sensitive data stored in the database.

Technical detail

SQL Injection vulnerability in Citrix SD-WAN 10.2.x (before 10.2.3) and NetScaler SD-WAN 10.0.x (before 10.0.8) allows unauthenticated or low-privileged attackers to execute arbitrary SQL queries, enabling unauthorized data access, modification, or deletion. The attack vector is network-based with no user interaction required (CVSS 9.8).

Summary generated and translated by AI from the official description.
Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 allow SQL Injection.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
n/a · n/a