CVE-2023-6548

Published: 17/01/2024 Updated: 25/01/2024
CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8
VMScore: 0

Vulnerability Summary

Improper Control of Generation of Code ('Code Injection') in NetScaler ADC and NetScaler Gateway allows an attacker with access to NSIP, CLIP or SNIP with management interface to perform Authenticated (low privileged) remote code execution on Management Interface.

Vulnerable Product

citrix netscaler gateway

citrix netscaler application delivery controller

Github Repositories

0day for Citrix Netscaler ADC and NetScaler Gateway latest versions

CVE-2023-6548-POC: 0day for Citrix Netscaler ADC and NetScaler Gateway latest versions 🔥 CVSS: 10/10. Description: A vulnerability has been discovered in Citrix Gateway and Citrix ADC (formerly known as NetScaler ADC) that, if exploited, could lead to remote code execution on Management Interface. Exploit details: The exploit implements an improper code generation control vulner

Recent Articles

Two more Citrix NetScaler bugs exploited in the wild
The Register

Just when you thought you had recovered from Bleed

Two vulnerabilities in NetScaler's ADC and Gateway products have been fixed – but not before criminals found and exploited them, according to the vendor. CVE-2023-6548 could allow remote code execution (RCE) in the appliances' management interface. It received a 5.5 CVSS rating, which is low for an RCE bug. One reason for this may be because it does require the attacker to be authenticated, albeit with low-level privileges, and they must have access to NetScaler IP (NSIP), Subnet IP (SNIP), or...