writeups.xyz / SD-PWN Part 2 — Citrix SD-WAN Center — Another Network Takeover

Submitter : c2a

Date: 15 November 2020

Bounty : undisclosed

Vulnerabilities :

• RCE
• Authentication Bypass
• Path Traversal
• OS Command Injection
• Local Privilege Escalation

Programs :

• Citrix Systems

Authors :

• Realmode Labs (@RealmodeLabs)

Link :
https://medium.com/realmodelabs/sd-pwn-part-2-citrix-sd-wan-center-another-network-takeover-a9c950a1a27c