CVE-2018-6808

HIGH

NetScaler ADC and Gateway 10.5 11.0 11.1 12.0 - Unauthenticated Arbitrary File Read

Title source: llm
STIX 2.1

Description

NetScaler ADC 10.5, 11.0, 11.1, and 12.0, and NetScaler Gateway 10.5, 11.0, 11.1, and 12.0 allow remote attackers to download arbitrary files on the target system.

References (2)

Core 2
Core References
Vendor Advisory x_refsource_confirm
https://support.citrix.com/article/CTX232161
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1040440

Scores

CVSS v3 7.5
EPSS 0.0032
EPSS Percentile 54.7%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CWE
CWE-200
Status published
Products (8)
citrix/netscaler_application_delivery_controller_firmware 10.5
citrix/netscaler_application_delivery_controller_firmware 11.0
citrix/netscaler_application_delivery_controller_firmware 11.1
citrix/netscaler_application_delivery_controller_firmware 12.0
citrix/netscaler_gateway_firmware 10.5
citrix/netscaler_gateway_firmware 11.0
citrix/netscaler_gateway_firmware 11.1
citrix/netscaler_gateway_firmware 12.0
Published Mar 06, 2018
Tracked Since Feb 18, 2026