Citrix is currently warning of critical security vulnerabilities affecting NetScaler ADC and NetScaler Gateway. The following vulnerabilities are involved:

  • CVE-2023-3466: Reflected Cross-Site Scripting (XSS). Precondition: the victim opens an attacker-controlled link in the browser while on a network with connectivity to the NSIP.
  • CVE-2023-3467: Privilege escalation to root administrator (nsroot). Precondition: authenticated access to the NSIP or SNIP with management interface access.
  • CVE-2023-3519: Unauthenticated remote code execution. Precondition: the appliance is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR as an AAA virtual server.

For more information, see the Citrix ADC and Citrix Gateway Security Bulletin for CVE-2023-3519, CVE-2023-3466, CVE-2023-3467.

Original article from Citrix: https://support.citrix.com/article/CTX561482

The last CVE in the list in particular is rated critical, with a score of 9.8 out of 10!

Based on current knowledge, the following versions are affected:

  • NetScaler ADC and NetScaler Gateway 13.1 before 13.1-49.13
  • NetScaler ADC and NetScaler Gateway 13.0 before 13.0-91.13
  • NetScaler ADC 13.1-FIPS before 13.1-37.159
  • NetScaler ADC 12.1-FIPS before 12.1-65.36
  • NetScaler ADC 12.1-NDcPP before 12.1-65.36

IMPORTANT: NetScaler version 12.1 won't receive any updates!

I strongly recommend installing the updated versions of NetScaler ADC and NetScaler Gateway as soon as possible.
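To turn the version list above into a quick inventory check, here is an added example (my own code, not from Citrix or this post) that parses a NetScaler version string and compares it against the fixed builds listed in the bulletin. It assumes the bulletin-style form "13.1-48.47" with an optional FIPS/NDcPP suffix, and, as an assumption about the appliance output, a `show ns version` line of the form "NetScaler NS13.1: Build 48.47.nc, ..."; non-FIPS 12.1 is treated as affected in every build because that branch gets no update.

```python
import re

# Fixed builds from the bulletin above: (release, variant) -> (build, patch).
FIXED_BUILDS = {
    ("13.1", ""): (49, 13),
    ("13.0", ""): (91, 13),
    ("13.1", "FIPS"): (37, 159),
    ("12.1", "FIPS"): (65, 36),
    ("12.1", "NDcPP"): (65, 36),
}
# Non-FIPS 12.1 receives no update (see the note above).
# Assumption: every build on that branch is reported as affected.
NO_FIX_RELEASES = {"12.1"}

# Bulletin form, e.g. "13.1-48.47", "12.1-65.36 FIPS", "12.1-65.36-NDcPP".
_BULLETIN_RE = re.compile(r"^(\d+\.\d+)-(\d+)\.(\d+)(?:[ -](FIPS|NDcPP))?$")
# Assumed `show ns version` form, e.g. "NetScaler NS13.1: Build 48.47.nc, Date: ...".
_SHOW_RE = re.compile(r"NetScaler NS(\d+\.\d+): Build (\d+)\.(\d+)(?:\.nc)?(?:.*\b(FIPS|NDcPP)\b)?")


def parse_version(text: str):
    """Return (release, build, patch, variant) or None if the string is not recognised."""
    m = _BULLETIN_RE.match(text.strip()) or _SHOW_RE.search(text)
    if not m:
        return None
    release, build, patch, variant = m.groups()
    return release, int(build), int(patch), (variant or "")


def assess(text: str) -> str:
    """Classify a version string as 'affected', 'fixed', 'not listed' or 'unparsed'."""
    parsed = parse_version(text)
    if parsed is None:
        return "unparsed"
    release, build, patch, variant = parsed
    if release in NO_FIX_RELEASES and variant == "":
        return "affected"  # branch without a fixed build: only an upgrade helps
    fixed = FIXED_BUILDS.get((release, variant))
    if fixed is None:
        return "not listed"  # release/variant the bulletin does not mention
    # Build and patch compare as a tuple: (48, 47) < (49, 13) but (49, 13) is not.
    return "affected" if (build, patch) < fixed else "fixed"


if __name__ == "__main__":
    # Constructed sample inputs, not taken from any real appliance.
    for sample in ["13.1-48.47", "13.1-49.13", "12.1-65.36 FIPS", "12.1-65.25",
                   "NetScaler NS13.0: Build 90.12.nc, Date: Jun 23 2023"]:
        print(f"{sample:52} -> {assess(sample)}")
```

Note that 13.1-FIPS has its own threshold (37.159), so a FIPS build must be checked with its variant suffix, not against the plain 13.1 value.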

In the meantime, several exploits are circulating in the wild, and IOC scanners are also available:
