CVE-2018-6810

Directory traversal vulnerability in NetScaler ADC 10.5, 11.0, 11.1, and 12.0, and NetScaler Gateway 10.5, 11.0, 11.1, and 12.0 allows remote attackers to traverse the directory on the target system via a crafted request.

Published: Mar 6, 2018
Updated: Apr 13, 2023
CVE: CVE-2018-6810
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.5
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:P/I:N/A:N

CWEs:

CWE-22

OWASP TOP 10:

A5 - Broken Access Control

Affected Software
References

Software	From	Fixed in
citrix / netscaler_gateway_firmware	10.5	10.5.x
citrix / netscaler_gateway_firmware	11.0	11.0.x
citrix / netscaler_gateway_firmware	11.1	11.1.x
citrix / netscaler_gateway_firmware	12.0	12.0.x
citrix / netscaler_application_delivery_controller_firmware	10.5	10.5.x
citrix / netscaler_application_delivery_controller_firmware	11.0	11.0.x
citrix / netscaler_application_delivery_controller_firmware	11.1	11.1.x
citrix / netscaler_application_delivery_controller_firmware	12.0	12.0.x

Vulnerability Database

289,784

CVE-2018-6810