CVE-2019-12991
Vexday Risk Score
93 · Fix now
SSVC decision (CISA)
Act
Exploitation + impact → act immediately
CVSS 8.8 · EPSS 74.5% · KEV yes · Public PoC · Nuclei — · Metasploit — · Patch —
Lifecycle
12 Jul 2019: Public PoC
16 Jul 2019: Published on NVD
25 Mar 2022: Active exploitation (CISA KEV)
Recommendation: Patch as soon as possible — active exploitation confirmed.
In short
Citrix SD-WAN and NetScaler SD-WAN versions before specific updates fail to properly validate user input, which can allow attackers to execute arbitrary commands on affected systems.
Technical detail
The vulnerability stems from improper input validation in Citrix SD-WAN 10.2.x (<10.2.3) and NetScaler SD-WAN 10.0.x (<10.0.8), enabling OS command injection (CWE-78). An attacker with network access to the vulnerable application can inject malicious input that bypasses validation filters, leading to unauthenticated remote code execution with system-level privileges.
Summary generated and translated by AI from the official description.
Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 5 of 6).
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected products
n/a · n/a
Public PoCs found: 2
cve_reference · packetstormsecurity.com/files/153638/Citrix-SD-WAN-Appliance-10.2.2-Authentication-Bypass-Remote-Command-Execution.html · unverified
exploitdb · www.exploit-db.com/exploits/47112 · unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
References
http://packetstormsecurity.com/files/153638/Citrix-SD-WAN-Appliance-10.2.2-Authentication-Bypass-Remote-Command-Execution.html
https://support.citrix.com/article/CTX251987
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-12991
https://www.tenable.com/security/research/tra-2019-32
http://www.securityfocus.com/bid/109133