CVE-2021-44519

Name of the Vulnerable Software and Affected Versions Citrix XenMobile Server versions through 10.12 RP9

Description The issue exists due to incorrect restriction of the path name to a directory with limited access. This can allow a remote attacker to execute arbitrary code. The vulnerability is described as an Authenticated Directory Traversal vulnerability, leading to remote code execution.

Recommendations For versions through 10.12 RP9, update to a version that contains a fix for this issue to prevent remote code execution. As a temporary workaround, consider restricting access to sensitive directories to minimize the risk of exploitation.