CVE-2018-6810
published 2018-03-06CVE-2018-6810: Directory traversal vulnerability in NetScaler ADC 10.5, 11.0, 11.1, and 12.0, and NetScaler Gateway 10.5, 11.0, 11.1, and 12.0 allows remote attackers to…
PriorityP348high7.5CVSS 3.0
AVNACLPRNUINSUCHINAN
EPSS
4.60%
90.5th percentile
Directory traversal vulnerability in NetScaler ADC 10.5, 11.0, 11.1, and 12.0, and NetScaler Gateway 10.5, 11.0, 11.1, and 12.0 allows remote attackers to traverse the directory on the target system via a crafted request.
Affected
15 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| citrix | citrix_adm | — | — |
| citrix | citrix_hypervisor | — | — |
| citrix | citrix_virtual_apps_and_desktops | — | — |
| citrix | endpoint_management | — | — |
| citrix | netscaler_adc | — | — |
| citrix | netscaler_application_delivery_controller_firmware | — | — |
| citrix | netscaler_application_delivery_controller_firmware | — | — |
| citrix | netscaler_application_delivery_controller_firmware | — | — |
| citrix | netscaler_application_delivery_controller_firmware | — | — |
| citrix | netscaler_gateway | — | — |
| citrix | netscaler_gateway_firmware | — | — |
| citrix | netscaler_gateway_firmware | — | — |
| citrix | netscaler_gateway_firmware | — | — |
| citrix | netscaler_gateway_firmware | — | — |
| citrix | xenserver | — | — |
CVSS provenance
nvdv3.07.5HIGHCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:P/I:N/A:N
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Citrix
Citrix Security Bulletin CTX232161
vendor_citrix·CVSS 8.8
CVE-2018-6186 [HIGH] Citrix Security Bulletin CTX232161
Citrix Security Bulletin CTX232161
CVE References: CVE-2018-6186, CVE-2018-6808, CVE-2018-6809, CVE-2018-6810, CVE-2018-6811, CVE-2025-12101, CVE-2025-62626, CVE-2026-23554, CVE-2026-3055, CVE-2026-4368, CVE-2026-4397
Affected Products: Citrix ADM, Citrix Hypervisor, Citrix Virtual Apps and Desktops, Endpoint Management, NetScaler ADC, NetScaler Gateway, XenServer
GHSA
GHSA-5jrp-g377-9qh6: Directory traversal vulnerability in NetScaler ADC 10
ghsa_unreviewed·2022-05-14
CVE-2018-6810 [HIGH] CWE-22 GHSA-5jrp-g377-9qh6: Directory traversal vulnerability in NetScaler ADC 10
Directory traversal vulnerability in NetScaler ADC 10.5, 11.0, 11.1, and 12.0, and NetScaler Gateway 10.5, 11.0, 11.1, and 12.0 allows remote attackers to traverse the directory on the target system via a crafted request.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2018-03-06
Published