CVE-2015-5080 Information

Description

The Management Interface in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway 10.1 before 10.1.132.8 10.5 before Build 56.15 and 10.5.e before Build 56.1505.e allows remote authenticated users to execute arbitrary shell commands via shell metacharacters in the filter parameter to rapi/ipsec_logs.

Reference

http://security-assessment.com/files/documents/advisory/Citrix-Netscaler-Final.pdf http://support.citrix.com/article/CTX201149 http://www.securityfocus.com/bid/75505 http://www.securitytracker.com/id/1032762