Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
citrix gateway vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2016-4945
Cross-site scripting (XSS) vulnerability in vpn/js/gateway_login_form_view.js in Citrix NetScaler Gateway 11.0 before Build 66.11 allows remote malicious users to inject arbitrary web script or HTML via the NSC_TMAC cookie.
Citrix Netscaler Gateway 11.0 Firmware
7.8
CVSSv3
CVE-2020-8199
Improper access control in Citrix ADC Gateway Linux client versions prior to 1.0.0.137 results in local privilege escalation to root.
Citrix Gateway Plug-in For Linux
1 Article
6.1
CVSSv3
CVE-2016-2072
The Administrative Web Interface in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway 11.x prior to 11.0 Build 64.34, 10.5 prior to 10.5 Build 59.13, 10.5.e before Build 59.1305.e, and 10.1 allows remote malicious users to conduct clickjacking attacks v...
Citrix Netscaler 10.1
Citrix Netscaler 10.5
Citrix Netscaler 10.5e
Citrix Netscaler 11.0
8.8
CVSSv3
CVE-2018-6186
Citrix NetScaler VPX through NS12.0 53.13.nc allows an SSRF attack via the /rapi/read_url URI by an authenticated attacker who has a webapp account. The attacker can gain access to the nsroot account, and execute remote commands with root privileges.
Citrix Netscaler 12.0
9.8
CVSSv3
CVE-2016-2071
Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway 11.x prior to 11.0 Build 64.34, 10.5 prior to 10.5 Build 59.13, and 10.5.e before Build 59.1305.e allows remote malicious users to gain privileges via unspecified NS Web GUI commands.
Citrix Netscaler 10.5
Citrix Netscaler 10.5e
Citrix Netscaler 11.0
NA
CVE-2009-2453
Citrix XenApp (formerly Presentation Server) 4.5 Hotfix Rollup Pack 3 does not apply an access policy when it is defined with the Access Gateway Advanced Edition filters, which allows malicious users to bypass intended access restrictions via unknown vectors.
Citrix Presentation Server 4.5
Citrix Xenapp 4.5
5.9
CVSSv3
CVE-2017-5933
Citrix NetScaler ADC and NetScaler Gateway 10.5 before Build 65.11, 11.0 before Build 69.12/69.123, and 11.1 before Build 51.21 randomly generates GCM nonces, which makes it marginally easier for remote malicious users to obtain the GCM authentication key and spoof data by levera...
Citrix Netscaler Application Delivery Controller Firmware
1 Github repository
NA
CVE-2014-7140
Unspecified vulnerability in the management interface in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway 10.x prior to 10.1-129.11 and 10.5 prior to 10.5-50.10 allows remote malicious users to execute arbitrary code via unknown vectors.
Citrix Netscaler Application Delivery Controller Firmware 10.5
Citrix Netscaler Application Delivery Controller Firmware 10.0
Citrix Netscaler Application Delivery Controller Firmware 10.1
1 EDB exploit
8.8
CVSSv3
CVE-2023-24492
A vulnerability has been discovered in the Citrix Secure Access client for Ubuntu which, if exploited, could allow an malicious user to remotely execute code if a victim user opens an attacker-crafted link and accepts further prompts.
Citrix Secure Access Client
NA
CVE-2008-5882
SQL injection vulnerability in login.asp in Citrix Application Gateway - Broadcast Server (BCS) prior to 6.1, as used by Avaya AG250 - Broadcast Server prior to 2.0 and possibly other products, allows remote malicious users to execute arbitrary SQL commands via the txtUID paramet...
Citrix Broadcast Server
Avaya Broadcast Server
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
6
7
8
9
10
NEXT »