What is CVE-2020-8194?

CVE-2020-8194 is a vulnerability in Citrix Adc, Gateway, Sdwan Wan-op, classified under Code Injection. Published 2020-07-10.

Is CVE-2020-8194 known to be exploited?

9 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

RCE in Citrix Adc, Gateway, Sdwan Wan-op

CVE-2020-8194

Reflected code injection in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 allows the modification of a file d…

Vulnerability class: RCE (Remote Code Execution)

EPSS: 0.811 (99.2th percentile) — read the EPSS interpretation.

Affected products

N/a Citrix Adc, Gateway, Sdwan Wan-op — versions Citrix ADC and Citrix Gateway 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP 11.1.1a, 11.0.3d and 10.2.7

Weakness classification (CWE)

CWE-94 — Code Injection

Public proof-of-concept exploits

References

support.citrix.com/article/CTX276688 (x_refsource_MISC)

Frequently asked questions

What is CVE-2020-8194?: CVE-2020-8194 is a vulnerability in Citrix Adc, Gateway, Sdwan Wan-op, classified under Code Injection. Published 2020-07-10.
Is CVE-2020-8194 known to be exploited?: 9 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.