CVE-2018-6186
published 2018-02-01CVE-2018-6186: Citrix NetScaler VPX through NS12.0 53.13.nc allows an SSRF attack via the /rapi/read_url URI by an authenticated attacker who has a webapp account. The…
PriorityP359high8.8CVSS 3.0
AVNACLPRLUINSUCHIHAH
EPSS
3.14%
86.3th percentile
Citrix NetScaler VPX through NS12.0 53.13.nc allows an SSRF attack via the /rapi/read_url URI by an authenticated attacker who has a webapp account. The attacker can gain access to the nsroot account, and execute remote commands with root privileges.
Affected
9 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| citrix | citrix_adm | — | — |
| citrix | citrix_hypervisor | — | — |
| citrix | citrix_virtual_apps_and_desktops | — | — |
| citrix | endpoint_management | — | — |
| citrix | netscaler | — | — |
| citrix | netscaler_adc | — | — |
| citrix | netscaler_adc_gateway | — | — |
| citrix | netscaler_gateway | — | — |
| citrix | xenserver | — | — |
CVSS provenance
nvdv3.08.8HIGHCVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvdv2.09.0CRITICALAV:N/AC:L/Au:S/C:C/I:C/A:C
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Citrix
CVE-2018-6186: Citrix NetScaler VPX through NS12.0 53.13.nc allows an SSRF attack via the /rapi/read_url URI by an authenticated attacker who has a webapp account. T
vendor_citrix·2018-02-01·CVSS 8.8
CVE-2018-6186 [HIGH] CWE-918 CVE-2018-6186: Citrix NetScaler VPX through NS12.0 53.13.nc allows an SSRF attack via the /rapi/read_url URI by an authenticated attacker who has a webapp account. T
CVE-2018-6186: Citrix NetScaler VPX through NS12.0 53.13.nc allows an SSRF attack via the /rapi/read_url URI by an authenticated attacker who has a webapp account. The attacker can gain access to the nsroot account, and execute remote commands with root privileges.
Citrix
Citrix Security Bulletin CTX232161
vendor_citrix·CVSS 8.8
CVE-2018-6186 [HIGH] Citrix Security Bulletin CTX232161
Citrix Security Bulletin CTX232161
CVE References: CVE-2018-6186, CVE-2018-6808, CVE-2018-6809, CVE-2018-6810, CVE-2018-6811, CVE-2025-12101, CVE-2025-62626, CVE-2026-23554, CVE-2026-3055, CVE-2026-4368, CVE-2026-4397
Affected Products: Citrix ADM, Citrix Hypervisor, Citrix Virtual Apps and Desktops, Endpoint Management, NetScaler ADC, NetScaler Gateway, XenServer
GHSA
GHSA-8jj3-gf74-g749: Citrix NetScaler VPX through NS12
ghsa_unreviewed·2022-05-14
CVE-2018-6186 [HIGH] CWE-918 GHSA-8jj3-gf74-g749: Citrix NetScaler VPX through NS12
Citrix NetScaler VPX through NS12.0 53.13.nc allows an SSRF attack via the /rapi/read_url URI by an authenticated attacker who has a webapp account. The attacker can gain access to the nsroot account, and execute remote commands with root privileges.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://www.securityfocus.com/bid/102915http://www.securitytracker.com/id/1040440https://gist.github.com/buxu/04ce809eb8b32ef57e232eab5e61f023https://support.citrix.com/article/CTX232161http://www.securityfocus.com/bid/102915http://www.securitytracker.com/id/1040440https://gist.github.com/buxu/04ce809eb8b32ef57e232eab5e61f023https://support.citrix.com/article/CTX232161
2018-02-01
Published