What is CVE-2022-27506?

CVE-2022-27506 is a vulnerability that allows administrators to access the shell via the SD-WAN CLI using hard-coded credentials.

How severe is CVE-2022-27506?

CVE-2022-27506 has a severity rating of medium.

Which software versions are affected by CVE-2022-27506?

CVE-2022-27506 affects Citrix SD-WAN firmware versions up to 11.4.1.

How can I fix CVE-2022-27506?

To fix CVE-2022-27506, Citrix recommends upgrading to a version higher than 11.4.1.

Where can I find more information about CVE-2022-27506?

You can find more information about CVE-2022-27506 at the following link: [https://support.citrix.com/article/CTX370550](https://support.citrix.com/article/CTX370550)

Vulnerability/
CVE-2022-27506

medium

6.8

CWE

798

13/4/2022

16/9/2024

CVE-2022-27506

First published: Wed Apr 13 2022(Updated: )

Hard-coded credentials allow administrators to access the shell via the SD-WAN CLI

Credit: secure@citrix.com

Affected Software	Affected Version	How to fix
Citrix Sd-wan 110 Firmware	<11.4.1
Citrix Sd-wan 110
Citrix Sd-wan 210 Firmware	<11.4.1
Citrix Sd-wan 210
Citrix Sd-wan 400 Firmware	<11.4.1
Citrix Sd-wan 400
Citrix Sd-wan 410 Firmware	<11.4.1
Citrix Sd-wan 410
Citrix Sd-wan 1000 Firmware	<11.4.1
Citrix Sd-wan 1000 Firmware	<11.4.1
Citrix Sd-wan 1000
Citrix Sd-wan 2000 Firmware	<11.4.1
Citrix Sd-wan 2000 Firmware	<11.4.1
Citrix Sd-wan 2000
Citrix Sd-wan 2100 Firmware	<11.4.1
Citrix Sd-wan 2100 Firmware	<11.4.1
Citrix Sd-wan 2100
Citrix Sd-wan 4000 Firmware	<11.4.1
Citrix Sd-wan 4000
Citrix Sd-wan 4100 Firmware	<11.4.1
Citrix Sd-wan 4100
Citrix Sd-wan 5100 Firmware	<11.4.1
Citrix Sd-wan 5100 Firmware	<11.4.1
Citrix Sd-wan 5100
Citrix Sd-wan 6100 Firmware	<11.4.1
Citrix Sd-wan 6100 Firmware	<11.4.1
Citrix Sd-wan 6100
Citrix Sd-wan 1100 Firmware	<11.4.1
Citrix Sd-wan 1100 Firmware	<11.4.1
Citrix Sd-wan 1100
Citrix Sd-wan Center Management Console	<11.4.3
Citrix Sd-wan Orchestrator	<13.2.1

Never miss a vulnerability like this again

Reference Links

https://support.citrix.com/article/CTX370550

Frequently Asked Questions

What is CVE-2022-27506?
CVE-2022-27506 is a vulnerability that allows administrators to access the shell via the SD-WAN CLI using hard-coded credentials.
How severe is CVE-2022-27506?
CVE-2022-27506 has a severity rating of medium.
Which software versions are affected by CVE-2022-27506?
CVE-2022-27506 affects Citrix SD-WAN firmware versions up to 11.4.1.
How can I fix CVE-2022-27506?
To fix CVE-2022-27506, Citrix recommends upgrading to a version higher than 11.4.1.
Where can I find more information about CVE-2022-27506?
You can find more information about CVE-2022-27506 at the following link: [https://support.citrix.com/article/CTX370550](https://support.citrix.com/article/CTX370550)

collector/nvd-index
agent/severity
agent/references
agent/author
agent/weakness
agent/tags
agent/type
agent/event
agent/description
agent/last-modified-date
agent/softwarecombine
agent/first-publish-date
collector/mitre-cve
source/MITRE
vendor/citrix
canonical/citrix sd-wan 110 firmware
canonical/citrix sd-wan 110
canonical/citrix sd-wan 210 firmware
canonical/citrix sd-wan 210
canonical/citrix sd-wan 400 firmware
canonical/citrix sd-wan 400
canonical/citrix sd-wan 410 firmware
canonical/citrix sd-wan 410
canonical/citrix sd-wan 1000 firmware
canonical/citrix sd-wan 1000
canonical/citrix sd-wan 2000 firmware
canonical/citrix sd-wan 2000
canonical/citrix sd-wan 2100 firmware
canonical/citrix sd-wan 2100
canonical/citrix sd-wan 4000 firmware
canonical/citrix sd-wan 4000
canonical/citrix sd-wan 4100 firmware
canonical/citrix sd-wan 4100
canonical/citrix sd-wan 5100 firmware
canonical/citrix sd-wan 5100
canonical/citrix sd-wan 6100 firmware
canonical/citrix sd-wan 6100
canonical/citrix sd-wan 1100 firmware
canonical/citrix sd-wan 1100
canonical/citrix sd-wan center management console
canonical/citrix sd-wan orchestrator