CVE

CVE-2019-18910

Severity:
MEDIUM
Type:
CWE-78 OS Command Injections
Publication date:
22/11/2019
Last modified:
20/07/2023

Description

The Citrix Receiver wrapper function does not safely handle user supplied input, which may be leveraged by an attacker to inject commands that will execute with local user privileges.

Vulnerable products and versions

CPE From Up to
cpe:2.3:o:hp:thinpro:6.2:*:*:*:*:*:*:*
cpe:2.3:o:hp:thinpro:6.2.1:*:*:*:*:*:*:*
cpe:2.3:o:hp:thinpro:7.0:*:*:*:*:*:*:*
cpe:2.3:o:hp:thinpro:7.1:*:*:*:*:*:*:*