-
-
Save tree-chtsec/30932b9c94b8c7e4209d22b8b52d597f to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| > [Suggested description] | |
| > Citrix XenMobile Server 10.12 RP9 and before, there is an Authenticated Directory Traversal vulnerability, leading to remote code execution. | |
| > | |
| > ------------------------------------------ | |
| > | |
| > [Vulnerability Type] | |
| > Directory Traversal | |
| > | |
| > ------------------------------------------ | |
| > | |
| > [Vendor of Product] | |
| > Citrix | |
| > | |
| > ------------------------------------------ | |
| > | |
| > [Affected Product Code Base] | |
| > XenMobile 10.12 | |
| > | |
| > ------------------------------------------ | |
| > | |
| > [Affected Component] | |
| > XenMobile Rest API | |
| > | |
| > ------------------------------------------ | |
| > | |
| > [Attack Type] | |
| > Remote | |
| > | |
| > ------------------------------------------ | |
| > | |
| > [Impact Code execution] | |
| > true | |
| > | |
| > ------------------------------------------ | |
| > | |
| > [Reference] | |
| > https://docs.citrix.com/en-us/xenmobile/server/document-history.html | |
| > | |
| > ------------------------------------------ | |
| > | |
| > [Discoverer] | |
| > CHT Security/Tree |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment