Citrix Multiple Products Remote Code Execution Vulnerability

NVD

Known Exploited Vulnerability

CVE-2017-6316, Citrix Multiple Products Remote Code Execution Vulnerability is part of CISA's list of Known Exploited Vulnerabilities. A vulnerability has been identified in the management interface of Citrix NetScaler SD-WAN Enterprise and Standard Edition and Citrix CloudBridge Virtual WAN Edition that could result in an unauthenticated, remote attacker being able to execute arbitrary code as a root user. This vulnerability also affects XenMobile Server.

The following remediation steps are recommended / required by April 15, 2022: Apply updates per vendor instructions.