Vulnerability: Citrix SD-WAN Center - Remote Command Injection
Citrix SD-WAN Center is susceptible to remote command injection via the trace_route function in DiagnosticsController, which does not sufficiently validate or sanitize the HTTP request parameter values it uses to construct a shell command. An attacker can trigger the vulnerability by routing traffic through the Collector controller and supplying a crafted value for ipAddress, and may then be able to obtain sensitive information, modify data, and/or execute unauthorized operations.
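One way to close this class of bug, shown as an added example (not Citrix's code and not part of the original entry): parse the ipAddress value as a literal IP address and hand it to traceroute as an argument vector, with no shell involved. The function names, the traceroute path and the -4/-6/-n flags are assumptions made for illustration.

```python
import ipaddress
import subprocess

TRACEROUTE = "/usr/bin/traceroute"  # assumed path; adjust for the host


def traceroute_argv(ip_address):
    """Return an argv list for traceroute, or raise ValueError.

    ip_address is the untrusted request parameter value (ipAddress).
    """
    # Request frameworks can deliver arrays or numbers; accept only text.
    if not isinstance(ip_address, str):
        raise ValueError("ipAddress must be a string")
    try:
        addr = ipaddress.ip_address(ip_address)
    except ValueError:
        raise ValueError("ipAddress is not a literal IP address") from None
    # Python 3.9+ accepts arbitrary text after '%' as an IPv6 zone id,
    # so refuse zone ids instead of passing that text along.
    if getattr(addr, "scope_id", None):
        raise ValueError("IPv6 zone identifiers are not accepted")
    family = "-6" if addr.version == 6 else "-4"
    # Use the canonical form produced by the parser, never the raw input.
    return [TRACEROUTE, family, "-n", str(addr)]


def run_traceroute(ip_address, timeout=30):
    """Run traceroute without a shell, so metacharacters are never parsed."""
    argv = traceroute_argv(ip_address)
    done = subprocess.run(argv, shell=False, capture_output=True,
                          text=True, timeout=timeout, check=False)
    return done.stdout
```

Validation and shell-free execution are independent layers here: either one alone blocks shell metacharacters, and together they also stop option-like values such as a leading dash from reaching the binary.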
Impact
Successful exploitation of this vulnerability can lead to unauthorized access, data exfiltration, and potential compromise of the entire SD-WAN infrastructure.
Severity
critical
Verified
Unknown