CVE-2017-11193

EPSS 0.15% · P35 Updated Feb 21, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2017-11193

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

Pulse Connect Secure 8.3R1 has CSRF in diag.cgi. In the panel, the diag.cgi file is responsible for running commands such as ping, ping6, traceroute, traceroute6, nslookup, arp, and Portprobe. These functions do not have any protections against CSRF. That can allow an attacker to run these commands against any IP if they can get an admin to visit their malicious CSRF page.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Pulse Connect Secure 跨站请求伪造漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Pulse Connect Secure（又名PCS，前称Juniper Junos Pulse）是美国Pulse Secure公司的一套SSL VPN解决方案。 PCS 8.3R1版本中的diag.cgi文件存在跨站请求伪造漏洞，该漏洞源于程序没有对函数执行跨站请求伪造保护。远程攻击者可通过诱使管理员访问恶意的跨站请求伪造页面利用该漏洞执行命令。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2017-11193

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2017-11193

请登录查看更多情报信息。

https://twitter.com/sxcurity/status/884556905145937921x_refsource_MISC
http://www.sxcurity.pro/Multiple%20XSS%20and%20CSRF%20in%20Pulse%20Connect%20Secure%20v8.3R1.pdfx_refsource_MISC
http://www.securityfocus.com/bid/99621vdb-entryx_refsource_BID
https://nvd.nist.gov/vuln/detail/CVE-2017-11193

Same Patch Batch · n/a · 2017-07-12 · 22 CVEs total

CVE-2017-11188		ImageMagick 安全漏洞
CVE-2017-11182		Rise Ultimate Project Manager My Profile section 跨站脚本漏洞
CVE-2017-11181		Rise Ultimate Project Manager Messaging section 跨站脚本漏洞
CVE-2017-11180		FineCMS 跨站脚本漏洞
CVE-2017-11179		FineCMS 跨站脚本漏洞
CVE-2017-11178		FineCMS 安全漏洞
CVE-2017-11165		Thermo Fisher Scientific Thermo Fisher Scientific dataTaker DT80 dEX 安全漏洞
CVE-2017-7678		Apache Spark 安全漏洞
CVE-2017-11167		FineCMS 安全漏洞
CVE-2016-8638		SAML 授权问题漏洞
CVE-2017-11187		phpMyFAQ 安全漏洞
CVE-2017-11174		XOOPS Core SQL注入漏洞
CVE-2017-9977		AVG AntiVirus for MacOS scan engine 安全漏洞
CVE-2017-9845		SAP NetWeaver disp+work 安全漏洞
CVE-2017-9844		SAP NetWeaver 安全漏洞
CVE-2017-9843		SAP NetWeaver AS ABAP 安全漏洞
CVE-2017-11190		unrar-free 安全漏洞
CVE-2017-11189		unrar-free 代码问题漏洞
CVE-2017-11196		Pulse Connect Secure 跨站请求伪造漏洞
CVE-2017-11195		Pulse Connect Secure 安全漏洞

Showing top 20 of 22 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2017-11193

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2017-11193

I. Basic Information for CVE-2017-11193

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2017-11193

III. Intelligence Information for CVE-2017-11193

Same Patch Batch · n/a · 2017-07-12 · 22 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2017-11193

Leave a comment