Shodan
Vulnerabilities
Vulnerable Software
Citrix:  >> Netscaler Application Delivery Controller  Security Vulnerabilities
CVE-2023-6548
Known exploited
Improper Control of Generation of Code ('Code Injection') in NetScaler ADC and NetScaler Gateway allows an attacker with access to NSIP, CLIP or SNIP with management interface to perform Authenticated (low privileged) remote code execution on Management Interface.
CVSS Score
5.5
EPSS Score
0.178
Published
2024-01-17
CVE-2023-4967
Denial of Service in NetScaler ADC and NetScaler Gateway when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA Virtual Server
CVSS Score
8.2
EPSS Score
0.004
Published
2023-10-27
CVE-2023-4966
Known exploited
Sensitive information disclosure in NetScaler ADC and NetScaler Gateway when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA  virtual server.
CVSS Score
9.4
EPSS Score
0.943
Published
2023-10-10
CVE-2023-3466
Reflected Cross-Site Scripting (XSS)
CVSS Score
8.3
EPSS Score
0.009
Published
2023-07-19
CVE-2023-3467
Privilege Escalation to root administrator (nsroot)
CVSS Score
8.0
EPSS Score
0.004
Published
2023-07-19
CVE-2023-3519
Known exploited
Unauthenticated remote code execution
CVSS Score
9.8
EPSS Score
0.884
Published
2023-07-19
CVE-2019-12044
A Buffer Overflow exists in Citrix NetScaler Gateway 10.5.x before 10.5.70.x, 11.1.x before 11.1.59.10, 12.0.x before 12.0.59.8, and 12.1.x before 12.1.49.23 and Citrix Application Delivery Controller 10.5.x before 10.5.70.x, 11.1.x before 11.1.59.10, 12.0.x before 12.0.59.8, and 12.1.x before 12.1.49.23.
CVSS Score
7.5
EPSS Score
0.006
Published
2019-05-22
CVE-2019-6485
Citrix NetScaler Gateway 12.1 before build 50.31, 12.0 before build 60.9, 11.1 before build 60.14, 11.0 before build 72.17, and 10.5 before build 69.5 and Application Delivery Controller (ADC) 12.1 before build 50.31, 12.0 before build 60.9, 11.1 before build 60.14, 11.0 before build 72.17, and 10.5 before build 69.5 allow remote attackers to obtain sensitive plaintext information because of a TLS Padding Oracle Vulnerability when CBC-based cipher suites are enabled.
CVSS Score
5.9
EPSS Score
0.005
Published
2019-02-22
CVE-2018-6808
NetScaler ADC 10.5, 11.0, 11.1, and 12.0, and NetScaler Gateway 10.5, 11.0, 11.1, and 12.0 allow remote attackers to download arbitrary files on the target system.
CVSS Score
7.5
EPSS Score
0.003
Published
2018-03-06
CVE-2018-6809
NetScaler ADC 10.5, 11.0, 11.1, and 12.0, and NetScaler Gateway 10.5, 11.0, 11.1, and 12.0 allow remote attackers to gain privilege on a target system.
CVSS Score
9.8
EPSS Score
0.034
Published
2018-03-06


Products
Pricing
Contact Us

Shodan ® - All rights reserved