ADC

Signature update version 53

September 21, 2023

Contributed by:

C S

New signatures rules are generated for the vulnerabilities identified in the week 2020-11-10. You can download and configure these signature rules to protect your appliance from security vulnerable attacks.

Signature version

Signatures are compatible with the following software versions of Citrix Application Delivery Controller (ADC) 11.1, 12.0, 12.1, 13.0 and 13.1.

NetScaler version 12.0 has reached end of life (EOL). For more information, see release life cycle page.

Note:

Enabling Post body and Response body signature rules might affect NetScaler CPU.

Common Vulnerability Entry (CVE) insight

Following is a list of signature rules, CVE IDs, and its description.

Signature rule	CVE ID	Description
999411		WEB-WORDPRESS WordPress plug-in wpDiscuz 7.0.0 Up To 7.0.4 - Unauthenticated Arbitrary File Upload Vulnerability
999412		WEB-WORDPRESS Quiz & Survey Master - cross-site scripting Vulnerability in Questions Feature
999413		WEB-WORDPRESS WordPress plug-in File Manager Prior To 6.9 - Unauthenticated elFinder Commands Execution Vulnerability
999414	CVE-2020-11700	WEB-MISC Titan SpamTitan Prior To 7.08 - Information Disclosure Vulnerability (CVE-2020-11700)
999415	CVE-2020-9446	WEB-MISC Apache OFBiz 17.12.03 - XML-RPC Unsafe Deserialization Vulnerability (CVE-2020-9446)
999416	CVE-2020-9446	WEB-MISC Apache OFBiz 17.12.03 - XML-RPC Cross-Site Scripting Vulnerability (CVE-2020-9446)
999417	CVE-2020-9047	WEB-MISC exacqVision Web Service Up To 20.06.3.0 - OS Command Injection Vulnerability (CVE-2020-9047)
999418	CVE-2020-8866	WEB-MISC Horde Groupware Webmail Edition 5.2.22 - Unrestricted Upload of File Vulnerability Via edit.php (CVE-2020-8866)
999419	CVE-2020-8866	WEB-MISC Horde Groupware Webmail Edition 5.2.22 - Unrestricted Upload of File Vulnerability Via add.php (CVE-2020-8866)
999420	CVE-2020-8865	WEB-MISC Horde Groupware Webmail Edition 5.2.22 - Arbitrary File Inclusion Vulnerability Via edit.php (CVE-2020-8865)
999421	CVE-2020-8816	WEB-MISC Pi-hole Prior To 4.3.2 - Remote Code Execution Vulnerability Via removestatic (CVE-2020-8816)
999422	CVE-2020-8816	WEB-MISC Pi-hole Prior To 4.3.2 - Remote Code Execution Vulnerability Via AddMAC (CVE-2020-8816)
999423	CVE-2020-8243	WEB-MISC Pulse Connect Secure Prior To 9.1R8.2 - Remote Code Execution Vulnerability (CVE-2020-8243)
999424	CVE-2020-8218	WEB-MISC Pulse Connect Secure Prior To 9.1R8 - Remote Code Execution Vulnerability (CVE-2020-8218)
999425	CVE-2020-6143, CVE-2020-6144	WEB-MISC OS4Ed OpenSIS - Code Injection Vulnerability Via /install/Ins1.php (CVE-2020-6143, CVE-2020-6144)
999426	CVE-2020-6142	WEB-MISC OS4Ed OpenSIS - Path Traversal Vulnerability Via modname (CVE-2020-6142)
999427	CVE-2020-6141	WEB-MISC OS4Ed OpenSIS Prior to 7.4 - Unauthenticated SQLi Vulnerability Via USERNAME (CVE-2020-6141)
999428	CVE-2020-6140	WEB-MISC OS4Ed OpenSIS Prior to 7.5 - Unauthenticated SQLi Vulnerability Via username_stn_id (CVE-2020-6140)
999429	CVE-2020-6139	WEB-MISC OS4Ed OpenSIS Prior to 7.5 - Unauthenticated SQLi Vulnerability Via username_stf_email (CVE-2020-6139)
999430	CVE-2020-6138	WEB-MISC OS4Ed OpenSIS Prior to 7.5 - Unauthenticated SQLi Vulnerability Via uname (CVE-2020-6138)
999431	CVE-2020-6137	WEB-MISC OS4Ed OpenSIS Prior to 7.5 - Unauthenticated SQLi Vulnerability Via password_stf_email (CVE-2020-6137)
999432	CVE-2020-6125	WEB-MISC OS4Ed OpenSIS Prior to 7.5 - SQLi Vulnerability Via GetSchool.php and u Parameter (CVE-2020-6125)
999433	CVE-2020-6124	WEB-MISC OS4Ed OpenSIS Prior to 7.5 - SQLi Vulnerability Via EmailCheckOthers.php (CVE-2020-6124)
999434	CVE-2020-6123	WEB-MISC OS4Ed OpenSIS Prior to 7.5 - SQLi Vulnerability Via EmailCheck.php and p_id Parameter (CVE-2020-6123)
999435	CVE-2020-6123	WEB-MISC OS4Ed OpenSIS Prior to 7.5 - SQLi Vulnerability Via EmailCheck.php and email Parameter (CVE-2020-6123)
999436	CVE-2020-6122	WEB-MISC OS4Ed OpenSIS Prior to 7.5 - SQLi Vulnerability Via CheckDuplicateStudent.php and mn Parameter (CVE-2020-6122)
999437	CVE-2020-6121	WEB-MISC OS4Ed OpenSIS Prior to 7.5 - SQLi Vulnerability Via CheckDuplicateStudent.php and ln Parameter (CVE-2020-6121)
999438	CVE-2020-6120	WEB-MISC OS4Ed OpenSIS Prior to 7.5 - SQLi Vulnerability Via CheckDuplicateStudent.php and fn Parameter (CVE-2020-6120)
999439	CVE-2020-6119	WEB-MISC OS4Ed OpenSIS Prior to 7.5 - SQLi Vulnerability Via CheckDuplicateStudent.php and byear Parameter (CVE-2020-6119)
999440	CVE-2020-6118	WEB-MISC OS4Ed OpenSIS Prior to 7.5 - SQLi Vulnerability Via CheckDuplicateStudent.php and bmonth Parameter (CVE-2020-6118)
999441	CVE-2020-6117	WEB-MISC OS4Ed OpenSIS Prior to 7.5 - SQLi Vulnerability Via CheckDuplicateStudent.php and bday Parameter (CVE-2020-6117)
999442	CVE-2020-5780	WEB-WORDPRESS WordPress plug-in Email Subscribers And Newsletters Prior To 4.5.6 - Email Forgery Vulnerability (CVE-2020-5780)
999443	CVE-2020-4280	WEB-MISC IBM QRadar SIEM 7.3 and 7.4 - Insecure Java Deserialization Vulnerability Via JSON-RPC (CVE-2020-4280)
999444	CVE-2020-4280	WEB-MISC IBM QRadar SIEM 7.3 and 7.4 - Insecure Java Deserialization Vulnerability Via remoteMethod (CVE-2020-4280)
999445	CVE-2020-4280	WEB-MISC IBM QRadar SIEM 7.3 and 7.4 - Insecure Java Deserialization Vulnerability Via remoteJavaScript (CVE-2020-4280)
999446	CVE-2020-4280	WEB-MISC IBM QRadar SIEM 7.3 and 7.4 - Insecure Java Deserialization Vulnerability Via JSON-RPC (CVE-2020-4280)
999447	CVE-2020-4280	WEB-MISC IBM QRadar SIEM 7.3 and 7.4 - Insecure Java Deserialization Vulnerability Via remoteMethod (CVE-2020-4280)
999448	CVE-2020-4280	WEB-MISC IBM QRadar SIEM 7.3 and 7.4 - Insecure Java Deserialization Vulnerability Via remoteJavaScript (CVE-2020-4280)
999449	CVE-2020-24786	WEB-MISC Zoho ManageEngine ADManager Plus 7.0 Prior to Build 55 - Improper Authentication Vulnerability (CVE-2020-24786)
999450	CVE-2020-24389	WEB-WORDPRESS Drag and Drop Multiple File Uploader plug-in Prior To 1.3.5.5 - Security Bypass Vulnerability (CVE-2020-24389)
999451	CVE-2020-24046	WEB-MISC TitanHQ SpamTitan Gateway 7.08 - Privilege Escalation Vulnerability (CVE-2020-24046)
999452	CVE-2020-17506	WEB-MISC Artica Web Proxy 4.30.000000 - PreAuth SQL Injection Vulnerability Via Apikey Parameter (CVE-2020-17506)
999453	CVE-2020-17505	WEB-MISC Artica Web Proxy 4.30.000000 - OS Command Injection Vulnerability Via Service-cmds-peform Parameter (CVE-2020-17505)
999454	CVE-2020-17463	WEB-MISC Fuel CMS 1.4.8 - SQLi Vulnerability Via /fuel/users/items (CVE-2020-17463)
999455	CVE-2020-17463	WEB-MISC Fuel CMS 1.4.8 - SQLi Vulnerability Via /fuel/sitevariables/items (CVE-2020-17463)
999456	CVE-2020-17463	WEB-MISC Fuel CMS 1.4.8 - SQLi Vulnerability Via /fuel/permissions/items (CVE-2020-17463)
999457	CVE-2020-17463	WEB-MISC Fuel CMS 1.4.8 - SQLi Vulnerability Via /fuel/pages/items (CVE-2020-17463)
999458	CVE-2020-17463	WEB-MISC Fuel CMS 1.4.8 - SQLi Vulnerability Via /fuel/navigation/items (CVE-2020-17463)
999459	CVE-2020-17463	WEB-MISC Fuel CMS 1.4.8 - SQLi Vulnerability Via /fuel/logs/items (CVE-2020-17463)
999460	CVE-2020-17463	WEB-MISC Fuel CMS 1.4.8 - SQLi Vulnerability Via /fuel/blocks/items (CVE-2020-17463)
999461	CVE-2020-16875	WEB-MISC Microsoft Exchange Server - DLP Policy Remote Code Execution Vulnerability (CVE-2020-16875)
999462	CVE-2020-16171	WEB-MISC Acronis Cyber Backup Prior To 12.5 Build 16342 - SSRF Via Shard Header Vulnerability (CVE-2020-16171)
999463	CVE-2020-14947	WEB-MISC OCS Inventory Prior to 2.8 - OS Command Injection Vulnerability Via SNMP_MIB_DIRECTORY (CVE-2020-14947)
999464	CVE-2020-14947	WEB-MISC OCS Inventory Prior to 2.8 - OS Command Injection Vulnerability Via mib_file (CVE-2020-14947)
999465	CVE-2020-14008	WEB-MISC Zoho ManageEngine Applications Manager Up To 14710 - Remote Code Execution Vulnerability (CVE-2020-14008)
999466	CVE-2020-13925	WEB-MISC Apache Kylin Prior To 3.1.0 - Remote Code Execution Vulnerability Via Job (CVE-2020-13925)
999467	CVE-2020-13925	WEB-MISC Apache Kylin Prior To 3.1.0 - Remote Code Execution Vulnerability Via Project (CVE-2020-13925)
999468	CVE-2020-13854	WEB-MISC Artica Pandora FMS - Privilege Escalation Vulnerability (CVE-2020-13854)
999469	CVE-2020-13405	WEB-MISC Microweber Prior to 1.1.20 - Unauthenticated Information Disclosure Vulnerability (CVE-2020-13405)
999470	CVE-2020-13376	WEB-MISC SecurEnvoy SecurMail 9.3.503 - SecurEnvoyReply Cookie Path Traversal Vulnerability (CVE-2020-13376)
999471	CVE-2020-13159	WEB-MISC Artica Web Proxy Prior to 4.30.000000 - OS Command Injection Vulnerability Via domain (CVE-2020-13159)
999472	CVE-2020-13159	WEB-MISC Artica Web Proxy Prior to 4.30.000000 - OS Command Injection Vulnerability Via netbiosname (CVE-2020-13159)
999473	CVE-2020-13159	WEB-MISC Artica Web Proxy Prior to 4.30.000000 - OS Command Injection Vulnerability Via alias (CVE-2020-13159)
999474	CVE-2020-13159	WEB-MISC Artica Web Proxy Prior to 4.30.000000 - OS Command Injection Vulnerability Via hostname (CVE-2020-13159)
999475	CVE-2020-13159	WEB-MISC Artica Web Proxy Prior to 4.30.000000 - OS Command Injection Vulnerability Via dhclient_server (CVE-2020-13159)
999476	CVE-2020-13159	WEB-MISC Artica Web Proxy Prior to 4.30.000000 - OS Command Injection Vulnerability Via dhclient_interface (CVE-2020-13159)
999477	CVE-2020-13159	WEB-MISC Artica Web Proxy Prior to 4.30.000000 - OS Command Injection Vulnerability Via dhclient_mac (CVE-2020-13159)
999478	CVE-2020-13158	WEB-MISC Artica Web Proxy Prior to 4.30.000000 - Path Traversal Vulnerability Via popup (CVE-2020-13158)
999479	CVE-2020-12851	WEB-MISC Pydio Cells Prior to 2.0.7 - Arbitrary File Write Vulnerability (CVE-2020-12851)
999480	CVE-2020-12848	WEB-MISC Pydio Cells Prior to 2.0.7 - Login as Temporary Shared User Vulnerability (CVE-2020-12848)
999481	CVE-2020-11699	WEB-MISC Titan SpamTitan Prior To 7.08 - Remote Code Execution Vulnerability (CVE-2020-11699)
999482	CVE-2020-11579	WEB-MISC PHPKBV9 - File Exfiltration Vulnerability (CVE-2020-11579)
999483	CVE-2020-10818	WEB-MISC Artica Web Proxy 4.26 - OS Command Injection Vulnerability Via fw.system.info.php (CVE-2020-10818)
999484	CVE-2020-10228	WEB-MISC Vtenext CE Prior to Version 20 - Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-10228)
999485	CVE-2020-10204	WEB-MISC Sonatype Nexus Repository Manager Prior to 3.21.2 - RCE Vulnerability Via coreui_User roles (CVE-2020-10204)
999486	CVE-2020-10204	WEB-MISC Sonatype Nexus Repository Manager Prior to 3.21.2 - RCE Vulnerability Via coreui_Role privileges (CVE-2020-10204)
999487	CVE-2020-10204	WEB-MISC Sonatype Nexus Repository Manager Prior to 3.21.2 - RCE Vulnerability Via coreui_Role roles (CVE-2020-10204)
999488	CVE-2020-10199	WEB-MISC Sonatype Nexus Repository Manager Prior to 3.21.2 - RCE Vulnerability Via REST Endpoint /bower/group (CVE-2020-10199)
999489	CVE-2020-10199	WEB-MISC Sonatype Nexus Repository Manager Prior to 3.21.2 - RCE Vulnerability Via REST Endpoint /go/group (CVE-2020-10199)
999490	CVE-2020-10199	WEB-MISC Sonatype Nexus Repository Manager Prior to 3.21.2 - RCE Vulnerability Via REST Endpoint /docker/group (CVE-2020-10199)
999491	CVE-2019-19699	WEB-MISC Centreon Up To 19.10 - Remote Code Execution Vulnerability (CVE-2019-19699)
999492	CVE-2019-19499	WEB-MISC Apache Grafana Up To 6.4.3 - Arbitrary File Read Vulnerability (CVE-2019-19499)
999493	CVE-2019-18394	WEB-MISC Ignite Realtime Openfire Up To 4.4.2 - FaviconServlet Server Side Request Forgery Vulnerability (CVE-2019-18394)
999494	CVE-2019-18393	WEB-MISC Ignite Realtime Openfire Up To 4.4.2 - plug-inServlet Directory Traversal Vulnerability (CVE-2019-18393)
999495	CVE-2019-16759	WEB-MISC vBulletin Prior to 5.6.2 - Remote Code Execution Vulnerability Via Nested Template (CVE-2019-16759)
999496	CVE-2019-15715	WEB-MISC MantisBT Prior to 1.3.20 and 2.22.1 - Remote Code Execution Vulnerability Via neato_tool (CVE-2019-15715)
999497	CVE-2019-15715	WEB-MISC MantisBT Prior to 1.3.20 and 2.22.1 - Remote Code Execution Vulnerability Via dot_tool (CVE-2019-15715)
999498	CVE-2019-11043	WEB-MISC PHP-FPM Multiple Versions - Out-Of-Bounds Write Vulnerability Allows Arbitrary Code Execution (CVE-2019-11043)
999499		WEB-WORDPRESS WordPress plug-in Autoptimize Up To 2.7.6 - Authenticated Arbitrary File Upload Vulnerability

The official version of this content is in English. Some of the Cloud Software Group documentation content is machine translated for your convenience only. Cloud Software Group has no control over machine-translated content, which may contain errors, inaccuracies or unsuitable language. No warranty of any kind, either expressed or implied, is made as to the accuracy, reliability, suitability, or correctness of any translations made from the English original into any other language, or that your Cloud Software Group product or service conforms to any machine translated content, and any warranty provided under the applicable end user license agreement or terms of service, or any other agreement with Cloud Software Group, that the product or service conforms with any documentation shall not apply to the extent that such documentation has been machine translated. Cloud Software Group will not be held responsible for any damage or issues that may arise from using machine-translated content.

Signature update version 53

September 21, 2023

Contributed by:

C S

September 21, 2023

Contributed by:

C S

Signature update version 53

Signature version

Common Vulnerability Entry (CVE) insight

In this article