Skip to main content

Gateway Firmware

12 CVEs product

Monthly

CVE-2020-8198 MEDIUM This Month

Improper input validation in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Citrix Application Delivery Controller Firmware Netscaler Gateway Firmware Gateway Firmware +1
NVD
CVSS 3.1
6.1
EPSS
1.0%
CVE-2020-8197 HIGH This Week

Privilege escalation vulnerability on Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 allows a low privileged user with management access. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Citrix Application Delivery Controller Firmware Netscaler Gateway Firmware Gateway Firmware
NVD
CVSS 3.1
8.8
EPSS
1.8%
CVE-2020-8196 MEDIUM KEV THREAT This Month

Improper access control in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Citrix Authentication Bypass Information Disclosure Application Delivery Controller Firmware Netscaler Gateway Firmware +2
NVD
CVSS 3.1
4.3
EPSS
26.3%
CVE-2020-8195 MEDIUM POC KEV THREAT This Month

Improper input validation in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Citrix Information Disclosure Application Delivery Controller Firmware Netscaler Gateway Firmware Gateway Firmware +2
NVD
CVSS 3.1
6.5
EPSS
33.3%
CVE-2020-8194 MEDIUM POC THREAT This Month

Reflected code injection in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Code Injection Citrix Application Delivery Controller Firmware Netscaler Gateway Firmware +2
NVD
CVSS 3.1
6.5
EPSS
10.7%
CVE-2020-8193 MEDIUM POC KEV THREAT This Month

Improper access control in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Citrix Authentication Bypass Application Delivery Controller Firmware Netscaler Gateway Firmware Gateway Firmware +1
NVD
CVSS 3.1
6.5
EPSS
88.4%
CVE-2020-8191 MEDIUM POC THREAT This Month

Improper input validation in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Citrix Application Delivery Controller Firmware Netscaler Gateway Firmware Gateway Firmware +1
NVD
CVSS 3.1
6.1
EPSS
22.9%
CVE-2020-8190 HIGH This Week

Incorrect file permissions in Citrix ADC and Citrix Gateway before versions 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 allows privilege escalation. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Citrix Application Delivery Controller Firmware Netscaler Gateway Firmware Gateway Firmware
NVD
CVSS 3.1
7.5
EPSS
1.2%
CVE-2020-10112 MEDIUM POC This Month

Citrix Gateway 11.1, 12.0, and 12.1 allows Cache Poisoning. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Request Smuggling Citrix Information Disclosure Gateway Firmware
NVD
CVSS 3.1
5.4
EPSS
1.4%
CVE-2020-10111 HIGH POC This Week

Citrix Gateway 11.1, 12.0, and 12.1 has an Inconsistent Interpretation of HTTP Requests. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Request Smuggling Citrix Information Disclosure Gateway Firmware
NVD
CVSS 3.1
7.5
EPSS
1.9%
CVE-2020-10110 MEDIUM POC This Month

Citrix Gateway 11.1, 12.0, and 12.1 allows Information Exposure Through Caching. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Citrix Information Disclosure Gateway Firmware
NVD
CVSS 3.1
5.3
EPSS
2.6%
CVE-2019-18225 CRITICAL Act Now

An issue was discovered in Citrix Application Delivery Controller (ADC) and Gateway before 10.5 build 70.8, 11.x before 11.1 build 63.9, 12.0 before build 62.10, 12.1 before build 54.16, and 13.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Citrix Application Delivery Controller Firmware Netscaler Gateway Firmware Gateway Firmware
NVD
CVSS 3.1
9.8
EPSS
1.5%
EPSS 1% CVSS 6.1
MEDIUM This Month

Improper input validation in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Citrix Application Delivery Controller Firmware +3
NVD
EPSS 2% CVSS 8.8
HIGH This Week

Privilege escalation vulnerability on Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 allows a low privileged user with management access. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Citrix Application Delivery Controller Firmware +2
NVD
EPSS 26% CVSS 4.3
MEDIUM KEV THREAT This Month

Improper access control in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Citrix Authentication Bypass Information Disclosure +4
NVD
EPSS 33% CVSS 6.5
MEDIUM POC KEV THREAT This Month

Improper input validation in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Citrix Information Disclosure Application Delivery Controller Firmware +4
NVD
EPSS 11% CVSS 6.5
MEDIUM POC THREAT This Month

Reflected code injection in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Code Injection Citrix +4
NVD
EPSS 88% CVSS 6.5
MEDIUM POC KEV THREAT This Month

Improper access control in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Citrix Authentication Bypass Application Delivery Controller Firmware +3
NVD
EPSS 23% CVSS 6.1
MEDIUM POC THREAT This Month

Improper input validation in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Citrix Application Delivery Controller Firmware +3
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Incorrect file permissions in Citrix ADC and Citrix Gateway before versions 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 allows privilege escalation. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Citrix Application Delivery Controller Firmware +2
NVD
EPSS 1% CVSS 5.4
MEDIUM POC This Month

Citrix Gateway 11.1, 12.0, and 12.1 allows Cache Poisoning. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Request Smuggling Citrix Information Disclosure +1
NVD
EPSS 2% CVSS 7.5
HIGH POC This Week

Citrix Gateway 11.1, 12.0, and 12.1 has an Inconsistent Interpretation of HTTP Requests. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Request Smuggling Citrix Information Disclosure +1
NVD
EPSS 3% CVSS 5.3
MEDIUM POC This Month

Citrix Gateway 11.1, 12.0, and 12.1 allows Information Exposure Through Caching. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Citrix Information Disclosure Gateway Firmware
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

An issue was discovered in Citrix Application Delivery Controller (ADC) and Gateway before 10.5 build 70.8, 11.x before 11.1 build 63.9, 12.0 before build 62.10, 12.1 before build 54.16, and 13.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Citrix Application Delivery Controller Firmware +2
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy