CVE-2007-4017
published 2007-07-26CVE-2007-4017: Cross-site request forgery (CSRF) vulnerability in the web-based administration console in Citrix Access Gateway before firmware 4.5.5 allows remote attackers…
PriorityP432high7.6CVSS 2.0
AVNACHAuNCCICAC
EPSS
2.49%
82.7th percentile
Cross-site request forgery (CSRF) vulnerability in the web-based administration console in Citrix Access Gateway before firmware 4.5.5 allows remote attackers to perform certain configuration changes as administrators.
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| citrix | access_gateway | — | — |
| citrix | citrix_adm | — | — |
| citrix | citrix_hypervisor | — | — |
| citrix | citrix_virtual_apps_and_desktops | — | — |
| citrix | endpoint_management | — | — |
| citrix | netscaler_adc | — | — |
| citrix | netscaler_gateway | — | — |
| citrix | xenserver | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Citrix
CVE-2007-4017: Cross-site request forgery (CSRF) vulnerability in the web-based administration console in Citrix Access Gateway before firmware 4.5.5 allows remote a
vendor_citrix·2007-07-26·CVSS 7.6
CVE-2007-4017 [HIGH] CVE-2007-4017: Cross-site request forgery (CSRF) vulnerability in the web-based administration console in Citrix Access Gateway before firmware 4.5.5 allows remote a
CVE-2007-4017: Cross-site request forgery (CSRF) vulnerability in the web-based administration console in Citrix Access Gateway before firmware 4.5.5 allows remote attackers to perform certain configuration changes as administrators.
Citrix
Citrix Security Bulletin CTX113817
vendor_citrix·CVSS 7.6
CVE-2007-4017 [HIGH] Citrix Security Bulletin CTX113817
Citrix Security Bulletin CTX113817
CVE References: CVE-2007-4017, CVE-2025-12101, CVE-2025-62626, CVE-2026-23554, CVE-2026-3055, CVE-2026-4368, CVE-2026-4397
Affected Products: Citrix ADM, Citrix Hypervisor, Citrix Virtual Apps and Desktops, Endpoint Management, NetScaler ADC, NetScaler Gateway, XenServer
Citrix
Citrix Security Bulletin CTX114028
vendor_citrix·CVSS 4.3
CVE-2007-3679 [MEDIUM] Citrix Security Bulletin CTX114028
Citrix Security Bulletin CTX114028
CVE References: CVE-2007-3679, CVE-2007-4013, CVE-2007-4016, CVE-2007-4017, CVE-2007-4018, CVE-2025-12101, CVE-2025-62626, CVE-2026-23554, CVE-2026-3055, CVE-2026-4368, CVE-2026-4397
Affected Products: Citrix ADM, Citrix Hypervisor, Citrix Virtual Apps and Desktops, Endpoint Management, NetScaler ADC, NetScaler Gateway, XenServer
GHSA
GHSA-g35q-w93f-4c48: Cross-site request forgery (CSRF) vulnerability in the web-based administration console in Citrix Access Gateway before firmware 4
ghsa_unreviewed·2022-05-01
CVE-2007-4017 [HIGH] GHSA-g35q-w93f-4c48: Cross-site request forgery (CSRF) vulnerability in the web-based administration console in Citrix Access Gateway before firmware 4
Cross-site request forgery (CSRF) vulnerability in the web-based administration console in Citrix Access Gateway before firmware 4.5.5 allows remote attackers to perform certain configuration changes as administrators.
No detection rules found.
No writeups or analysis indexed.
http://osvdb.org/37841http://secunia.com/advisories/26143http://support.citrix.com/article/CTX113817http://support.citrix.com/article/CTX114028http://www.securityfocus.com/bid/24975http://www.securitytracker.com/id?1018435http://www.vupen.com/english/advisories/2007/2583https://exchange.xforce.ibmcloud.com/vulnerabilities/35513http://osvdb.org/37841http://secunia.com/advisories/26143http://support.citrix.com/article/CTX113817http://support.citrix.com/article/CTX114028http://www.securityfocus.com/bid/24975http://www.securitytracker.com/id?1018435http://www.vupen.com/english/advisories/2007/2583https://exchange.xforce.ibmcloud.com/vulnerabilities/35513
2007-07-26
Published