0day for Citrix Netscaler ADC and NetScaler Gateway latest versions
A vulnerability has been discovered in Citrix Gateway and Citrix ADC (formerly known as NetScaler ADC) that, if exploited, could lead to remote code execution on Management Interface.
The exploit implements an improper code generation control vulnerability ("code injection") in NetScaler ADC and NetScaler Gateway and allows access (RCE) to an NSIP, CLIP, or SNIP with a management interface to perform authenticated (low-privilege) remote code execution on the management interface.
app:"Citrix NetScaler Gateway"
NetScaler ADC and NetScaler Gateway 14.1 before 14.1-12.35
NetScaler ADC and NetScaler Gateway 13.1 before 13.1-51.15
NetScaler ADC and NetScaler Gateway 13.0 before 13.0-92.21
NetScaler ADC 13.1-FIPS before 13.1-37.176
NetScaler ADC 12.1-FIPS before 12.1-55.302
NetScaler ADC 12.1-NDcPP before 12.1-55.302
Author: Roonye660
For education purposes only.