Skip to main content

Netscaler Application Delivery Controller Firmware

29 CVEs product

Monthly

CVE-2019-12044 HIGH PATCH This Week

A Buffer Overflow exists in Citrix NetScaler Gateway 10.5.x before 10.5.70.x, 11.1.x before 11.1.59.10, 12.0.x before 12.0.59.8, and 12.1.x before 12.1.49.23 and Citrix Application Delivery. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Citrix Netscaler Gateway Firmware Netscaler Application Delivery Controller Firmware
NVD
CVSS 3.0
7.5
EPSS
1.5%
CVE-2019-6485 MEDIUM PATCH This Month

Citrix NetScaler Gateway 12.1 before build 50.31, 12.0 before build 60.9, 11.1 before build 60.14, 11.0 before build 72.17, and 10.5 before build 69.5 and Application Delivery Controller (ADC) 12.1. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Citrix Information Disclosure Oracle Netscaler Gateway Firmware Netscaler Application Delivery Controller Firmware
NVD GitHub
CVSS 3.0
5.9
EPSS
2.3%
CVE-2018-6811 MEDIUM PATCH This Month

Multiple cross-site scripting (XSS) vulnerabilities in Citrix NetScaler ADC 10.5, 11.0, 11.1, and 12.0, and NetScaler Gateway 10.5, 11.0, 11.1, and 12.0 allow remote attackers to inject arbitrary web. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Citrix XSS Netscaler Application Delivery Controller Firmware Netscaler Gateway Firmware
NVD
CVSS 3.0
6.1
EPSS
1.2%
CVE-2018-6810 HIGH This Week

Directory traversal vulnerability in NetScaler ADC 10.5, 11.0, 11.1, and 12.0, and NetScaler Gateway 10.5, 11.0, 11.1, and 12.0 allows remote attackers to traverse the directory on the target system. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Citrix Path Traversal Netscaler Gateway Firmware Netscaler Application Delivery Controller Firmware
NVD
CVSS 3.0
7.5
EPSS
4.4%
CVE-2018-6809 CRITICAL Act Now

NetScaler ADC 10.5, 11.0, 11.1, and 12.0, and NetScaler Gateway 10.5, 11.0, 11.1, and 12.0 allow remote attackers to gain privilege on a target system. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Citrix Information Disclosure Netscaler Application Delivery Controller Firmware Netscaler Gateway Firmware
NVD
CVSS 3.0
9.8
EPSS
4.2%
CVE-2018-6808 HIGH This Week

NetScaler ADC 10.5, 11.0, 11.1, and 12.0, and NetScaler Gateway 10.5, 11.0, 11.1, and 12.0 allow remote attackers to download arbitrary files on the target system. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Citrix Information Disclosure Netscaler Application Delivery Controller Firmware Netscaler Gateway Firmware
NVD
CVSS 3.0
7.5
EPSS
2.4%
CVE-2017-5933 MEDIUM This Month

Citrix NetScaler ADC and NetScaler Gateway 10.5 before Build 65.11, 11.0 before Build 69.12/69.123, and 11.1 before Build 51.21 randomly generates GCM nonces, which makes it marginally easier for. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Citrix Information Disclosure Netscaler Application Delivery Controller Firmware
NVD GitHub
CVSS 3.0
5.9
EPSS
0.9%
CVE-2016-9028 HIGH This Week

Unauthorized redirect vulnerability in Citrix NetScaler ADC before 10.1 135.8, 10.5 61.11, 11.0 65.31/65.35F and 11.1 47.14 allows a remote attacker to steal session cookies of a legitimate AAA user. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Citrix Authentication Bypass Netscaler Application Delivery Controller Firmware
NVD
CVSS 3.0
8.8
EPSS
0.5%
CVE-2015-7998 MEDIUM PATCH This Month

The administration UI in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 10.1 Build 133.9, 10.5 before Build 58.11, and 10.5.e before Build 56.1505.e on NetScaler. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Citrix Information Disclosure Netscaler Service Delivery Appliance Service Vm Netscaler Gateway Firmware Netscaler Application Delivery Controller Firmware
NVD
CVSS 2.0
5.0
EPSS
0.3%
CVE-2015-7997 MEDIUM PATCH This Month

Multiple cross-site scripting (XSS) vulnerabilities in the Nitro API in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 10.1 Build 133.9, 10.5 before Build 58.11,. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

XSS Citrix Netscaler Service Delivery Appliance Service Vm Netscaler Application Delivery Controller Firmware Netscaler Gateway Firmware
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2015-7996 MEDIUM PATCH This Month

The Nitro API in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 10.1 Build 133.9, 10.5 before Build 58.11, and 10.5.e before Build 56.1505.e on NetScaler Service. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Citrix Information Disclosure Netscaler Application Delivery Controller Firmware Netscaler Service Delivery Appliance Service Vm Netscaler Gateway Firmware
NVD
CVSS 2.0
5.0
EPSS
0.3%
CVE-2015-6672 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the Administrative Web Interface in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 10.1 Build 132.8, 10.5 before Build. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Citrix Netscaler Application Delivery Controller Firmware Netscaler Gateway Firmware
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2015-5538 CRITICAL Act Now

Multiple unspecified vulnerabilities in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 10.1 Build 132.8, 10.5 before Build 57.7, and 10.5e before Build 56.1505.e. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Citrix Information Disclosure Netscaler Application Delivery Controller Firmware Netscaler Gateway Firmware
NVD
CVSS 2.0
10.0
EPSS
2.0%
CVE-2015-5080 CRITICAL Act Now

The Management Interface in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway 10.1 before 10.1.132.8, 10.5 before Build 56.15, and 10.5.e before Build 56.1505.e allows. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Citrix Netscaler Application Delivery Controller Firmware Netscaler Gateway Firmware
NVD
CVSS 2.0
9.0
EPSS
1.0%
CVE-2015-2829 HIGH PATCH This Week

Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 10.5 Build 53.9 through 55.8 and 10.5.e Build 53-9010.e allow remote attackers to cause a denial of service. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Citrix Netscaler Application Delivery Controller Firmware Netscaler Gateway Firmware
NVD
CVSS 2.0
7.8
EPSS
1.3%
CVE-2014-8580 MEDIUM PATCH This Month

Citrix NetScaler Application Delivery Controller and NetScaler Gateway 10.5.50.10 before 10.5-52.11, 10.1.122.17 before 10.1-129.11, and 10.1-120.1316.e before 10.1-129.1105.e, when using unspecified. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable.

Citrix Privilege Escalation Netscaler Application Delivery Controller Firmware Netscaler Gateway Firmware
NVD
CVSS 2.0
4.9
EPSS
0.3%
CVE-2014-7140 HIGH POC This Week

Unspecified vulnerability in the management interface in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway 10.x before 10.1-129.11 and 10.5 before 10.5-50.10 allows remote. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE Citrix Netscaler Application Delivery Controller Firmware
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
7.7%
CVE-2014-4347 MEDIUM This Month

Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway (formerly Access Gateway Enterprise Edition) before 9.3-62.4 and 10.x before 10.1-126.12 allows attackers to obtain. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Citrix Information Disclosure Netscaler Access Gateway Firmware Netscaler Access Gateway Netscaler Application Delivery Controller Firmware +1
NVD
CVSS 2.0
5.0
EPSS
1.0%
CVE-2014-4346 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in administration user interface in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway (formerly Access Gateway Enterprise Edition). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Citrix Netscaler Application Delivery Controller Firmware Netscaler Application Delivery Controller Netscaler Access Gateway Firmware +1
NVD
CVSS 2.0
4.3
EPSS
0.8%
CVE-2014-2882 CRITICAL Act Now

Unspecified vulnerability in the management GUI in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 9.3-66.5 and 10.x before 10.1-122.17 has unspecified impact and. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Citrix Information Disclosure Netscaler Access Gateway Firmware Netscaler Application Delivery Controller Firmware Netscaler Access Gateway +1
NVD VulDB
CVSS 2.0
10.0
EPSS
0.2%
CVE-2014-2881 CRITICAL Act Now

Unspecified vulnerability in the Diffie-Hellman key agreement implementation in the management GUI Java applet in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Citrix Information Disclosure Java Netscaler Access Gateway Firmware Netscaler Application Delivery Controller Firmware +2
NVD VulDB
CVSS 2.0
10.0
EPSS
0.4%
CVE-2013-6944 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the user interface in the AAA TM vServer in Citrix NetScaler Application Delivery Controller (ADC) 9.3.x before 9.3-64.4, 10.0 before 10.0-77.5, and 10.1. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Citrix Netscaler Application Delivery Controller Firmware
NVD VulDB
CVSS 2.0
4.3
EPSS
0.3%
CVE-2013-6943 MEDIUM This Month

Citrix NetScaler Application Delivery Controller (ADC) 9.3.x before 9.3-64.4, 10.0 before 10.0-77.5, and 10.1 before 10.1-118.7 allows remote attackers to conduct an LDAP injection attack via vectors. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Citrix Code Injection Netscaler Application Delivery Controller Firmware
NVD VulDB
CVSS 2.0
5.0
EPSS
0.3%
CVE-2013-6942 MEDIUM This Month

Cross-site request forgery (CSRF) vulnerability in Citrix NetScaler Application Delivery Controller (ADC) 9.3.x before 9.3-64.4, 10.0 before 10.0-77.5, and 10.1 before 10.1-118.7 allows remote. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

CSRF Citrix Netscaler Application Delivery Controller Firmware
NVD VulDB
CVSS 2.0
6.8
EPSS
0.1%
CVE-2013-6941 CRITICAL Act Now

Unspecified vulnerability in Citrix NetScaler Application Delivery Controller (ADC) 9.3.x before 9.3-64.4, 10.0 before 10.0-77.5, and 10.1 before 10.1-118.7 allows users to "breakout" of the shell. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Citrix Information Disclosure Netscaler Application Delivery Controller Firmware
NVD VulDB
CVSS 2.0
10.0
EPSS
0.4%
CVE-2013-6940 MEDIUM This Month

Citrix NetScaler Application Delivery Controller (ADC) 9.3.x before 9.3-64.4, 10.0 before 10.0-77.5, and 10.1 before 10.1-118.7 logs user credentials, which allows attackers to obtain sensitive. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Citrix Authentication Bypass Netscaler Application Delivery Controller Firmware
NVD VulDB
CVSS 2.0
5.0
EPSS
0.3%
CVE-2013-6939 MEDIUM This Month

Unspecified vulnerability in Citrix NetScaler Application Delivery Controller (ADC) 9.3.x before 9.3-64.4, 10.0 before 10.0-77.5, and 10.1 before 10.1-118.7 allows attackers to cause a denial of. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Citrix Netscaler Application Delivery Controller Firmware
NVD VulDB
CVSS 2.0
5.0
EPSS
0.6%
CVE-2013-6938 MEDIUM This Month

Unspecified vulnerability in the Service VM in Citrix NetScaler SDX 9.3 before 9.3-64.4 and 10.0 before 10.0-77.5 and Application Delivery Controller (ADC) 9.3.x before 9.3-64.4, 10.0 before. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Citrix Netscaler Application Delivery Controller Firmware
NVD VulDB
CVSS 2.0
5.0
EPSS
0.4%
CVE-2013-6011 HIGH This Week

Citrix NetScaler Application Delivery Controller (ADC) 10.0 before 10.0-76.7 allows remote attackers to cause a denial of service (nsconfigd crash and appliance reboot) via a crafted request. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Citrix Denial Of Service Netscaler Application Delivery Controller Firmware Netscaler Application Delivery Controller
NVD
CVSS 2.0
7.8
EPSS
0.6%
EPSS 2% CVSS 7.5
HIGH PATCH This Week

A Buffer Overflow exists in Citrix NetScaler Gateway 10.5.x before 10.5.70.x, 11.1.x before 11.1.59.10, 12.0.x before 12.0.59.8, and 12.1.x before 12.1.49.23 and Citrix Application Delivery. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Citrix Netscaler Gateway Firmware +1
NVD
EPSS 2% CVSS 5.9
MEDIUM PATCH This Month

Citrix NetScaler Gateway 12.1 before build 50.31, 12.0 before build 60.9, 11.1 before build 60.14, 11.0 before build 72.17, and 10.5 before build 69.5 and Application Delivery Controller (ADC) 12.1. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Citrix Information Disclosure Oracle +2
NVD GitHub
EPSS 1% CVSS 6.1
MEDIUM PATCH This Month

Multiple cross-site scripting (XSS) vulnerabilities in Citrix NetScaler ADC 10.5, 11.0, 11.1, and 12.0, and NetScaler Gateway 10.5, 11.0, 11.1, and 12.0 allow remote attackers to inject arbitrary web. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Citrix XSS Netscaler Application Delivery Controller Firmware +1
NVD
EPSS 4% CVSS 7.5
HIGH This Week

Directory traversal vulnerability in NetScaler ADC 10.5, 11.0, 11.1, and 12.0, and NetScaler Gateway 10.5, 11.0, 11.1, and 12.0 allows remote attackers to traverse the directory on the target system. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Citrix Path Traversal Netscaler Gateway Firmware +1
NVD
EPSS 4% CVSS 9.8
CRITICAL Act Now

NetScaler ADC 10.5, 11.0, 11.1, and 12.0, and NetScaler Gateway 10.5, 11.0, 11.1, and 12.0 allow remote attackers to gain privilege on a target system. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Citrix Information Disclosure Netscaler Application Delivery Controller Firmware +1
NVD
EPSS 2% CVSS 7.5
HIGH This Week

NetScaler ADC 10.5, 11.0, 11.1, and 12.0, and NetScaler Gateway 10.5, 11.0, 11.1, and 12.0 allow remote attackers to download arbitrary files on the target system. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Citrix Information Disclosure Netscaler Application Delivery Controller Firmware +1
NVD
EPSS 1% CVSS 5.9
MEDIUM This Month

Citrix NetScaler ADC and NetScaler Gateway 10.5 before Build 65.11, 11.0 before Build 69.12/69.123, and 11.1 before Build 51.21 randomly generates GCM nonces, which makes it marginally easier for. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Citrix Information Disclosure Netscaler Application Delivery Controller Firmware
NVD GitHub
EPSS 0% CVSS 8.8
HIGH This Week

Unauthorized redirect vulnerability in Citrix NetScaler ADC before 10.1 135.8, 10.5 61.11, 11.0 65.31/65.35F and 11.1 47.14 allows a remote attacker to steal session cookies of a legitimate AAA user. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Citrix Authentication Bypass Netscaler Application Delivery Controller Firmware
NVD
EPSS 0% CVSS 5.0
MEDIUM PATCH This Month

The administration UI in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 10.1 Build 133.9, 10.5 before Build 58.11, and 10.5.e before Build 56.1505.e on NetScaler. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Citrix Information Disclosure Netscaler Service Delivery Appliance Service Vm +2
NVD
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

Multiple cross-site scripting (XSS) vulnerabilities in the Nitro API in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 10.1 Build 133.9, 10.5 before Build 58.11,. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

XSS Citrix Netscaler Service Delivery Appliance Service Vm +2
NVD
EPSS 0% CVSS 5.0
MEDIUM PATCH This Month

The Nitro API in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 10.1 Build 133.9, 10.5 before Build 58.11, and 10.5.e before Build 56.1505.e on NetScaler Service. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Citrix Information Disclosure Netscaler Application Delivery Controller Firmware +2
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the Administrative Web Interface in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 10.1 Build 132.8, 10.5 before Build. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Citrix Netscaler Application Delivery Controller Firmware +1
NVD
EPSS 2% CVSS 10.0
CRITICAL Act Now

Multiple unspecified vulnerabilities in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 10.1 Build 132.8, 10.5 before Build 57.7, and 10.5e before Build 56.1505.e. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Citrix Information Disclosure Netscaler Application Delivery Controller Firmware +1
NVD
EPSS 1% CVSS 9.0
CRITICAL Act Now

The Management Interface in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway 10.1 before 10.1.132.8, 10.5 before Build 56.15, and 10.5.e before Build 56.1505.e allows. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Citrix Netscaler Application Delivery Controller Firmware +1
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 10.5 Build 53.9 through 55.8 and 10.5.e Build 53-9010.e allow remote attackers to cause a denial of service. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Citrix Netscaler Application Delivery Controller Firmware +1
NVD
EPSS 0% CVSS 4.9
MEDIUM PATCH This Month

Citrix NetScaler Application Delivery Controller and NetScaler Gateway 10.5.50.10 before 10.5-52.11, 10.1.122.17 before 10.1-129.11, and 10.1-120.1316.e before 10.1-129.1105.e, when using unspecified. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable.

Citrix Privilege Escalation Netscaler Application Delivery Controller Firmware +1
NVD
EPSS 8% CVSS 7.5
HIGH POC This Week

Unspecified vulnerability in the management interface in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway 10.x before 10.1-129.11 and 10.5 before 10.5-50.10 allows remote. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE Citrix Netscaler Application Delivery Controller Firmware
NVD Exploit-DB
EPSS 1% CVSS 5.0
MEDIUM This Month

Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway (formerly Access Gateway Enterprise Edition) before 9.3-62.4 and 10.x before 10.1-126.12 allows attackers to obtain. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Citrix Information Disclosure Netscaler Access Gateway Firmware +3
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

Cross-site scripting (XSS) vulnerability in administration user interface in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway (formerly Access Gateway Enterprise Edition). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Citrix Netscaler Application Delivery Controller Firmware +3
NVD
EPSS 0% CVSS 10.0
CRITICAL Act Now

Unspecified vulnerability in the management GUI in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 9.3-66.5 and 10.x before 10.1-122.17 has unspecified impact and. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Citrix Information Disclosure Netscaler Access Gateway Firmware +3
NVD VulDB
EPSS 0% CVSS 10.0
CRITICAL Act Now

Unspecified vulnerability in the Diffie-Hellman key agreement implementation in the management GUI Java applet in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Citrix Information Disclosure Java +4
NVD VulDB
EPSS 0% CVSS 4.3
MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the user interface in the AAA TM vServer in Citrix NetScaler Application Delivery Controller (ADC) 9.3.x before 9.3-64.4, 10.0 before 10.0-77.5, and 10.1. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Citrix Netscaler Application Delivery Controller Firmware
NVD VulDB
EPSS 0% CVSS 5.0
MEDIUM This Month

Citrix NetScaler Application Delivery Controller (ADC) 9.3.x before 9.3-64.4, 10.0 before 10.0-77.5, and 10.1 before 10.1-118.7 allows remote attackers to conduct an LDAP injection attack via vectors. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Citrix Code Injection +1
NVD VulDB
EPSS 0% CVSS 6.8
MEDIUM This Month

Cross-site request forgery (CSRF) vulnerability in Citrix NetScaler Application Delivery Controller (ADC) 9.3.x before 9.3-64.4, 10.0 before 10.0-77.5, and 10.1 before 10.1-118.7 allows remote. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

CSRF Citrix Netscaler Application Delivery Controller Firmware
NVD VulDB
EPSS 0% CVSS 10.0
CRITICAL Act Now

Unspecified vulnerability in Citrix NetScaler Application Delivery Controller (ADC) 9.3.x before 9.3-64.4, 10.0 before 10.0-77.5, and 10.1 before 10.1-118.7 allows users to "breakout" of the shell. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Citrix Information Disclosure Netscaler Application Delivery Controller Firmware
NVD VulDB
EPSS 0% CVSS 5.0
MEDIUM This Month

Citrix NetScaler Application Delivery Controller (ADC) 9.3.x before 9.3-64.4, 10.0 before 10.0-77.5, and 10.1 before 10.1-118.7 logs user credentials, which allows attackers to obtain sensitive. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Citrix Authentication Bypass Netscaler Application Delivery Controller Firmware
NVD VulDB
EPSS 1% CVSS 5.0
MEDIUM This Month

Unspecified vulnerability in Citrix NetScaler Application Delivery Controller (ADC) 9.3.x before 9.3-64.4, 10.0 before 10.0-77.5, and 10.1 before 10.1-118.7 allows attackers to cause a denial of. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Citrix Netscaler Application Delivery Controller Firmware
NVD VulDB
EPSS 0% CVSS 5.0
MEDIUM This Month

Unspecified vulnerability in the Service VM in Citrix NetScaler SDX 9.3 before 9.3-64.4 and 10.0 before 10.0-77.5 and Application Delivery Controller (ADC) 9.3.x before 9.3-64.4, 10.0 before. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Citrix Netscaler Application Delivery Controller Firmware
NVD VulDB
EPSS 1% CVSS 7.8
HIGH This Week

Citrix NetScaler Application Delivery Controller (ADC) 10.0 before 10.0-76.7 allows remote attackers to cause a denial of service (nsconfigd crash and appliance reboot) via a crafted request. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Citrix Denial Of Service Netscaler Application Delivery Controller Firmware +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy