A vulnerability has been discovered in Citrix Gateway and Citrix ADC which could allow for remote code execution. Citrix ADC and Gateway is an Application Delivery Controller and a gateway service to products respectively. Successful exploitation of this vulnerability could allow an unauthenticated remote attacker to perform arbitrary code execution. Depending on the permission associated with the application running the exploit, an attacker could then install programs; view, change, or delete data.
The login password of the web administrative dashboard in Arcadyan Wifi routers VRV9506JAC23 is sent in cleartext, allowing an attacker to sniff and intercept traffic to learn the administrative credentials to the router.
Multiple stored cross-site scripting (XSS) vulnerabilities in Arcadyan Wifi routers VRV9506JAC23 allow remote attackers to inject arbitrary web script or HTML via the hostName and domain_name parameters present in the LAN configuration section of the administrative dashboard.
Multiple security issues have been found in the Mozilla Firefox web
browser, which could potentially result in the execution of arbitrary
code or information disclosure.
