DoS and RCE Vulnerabilities Exploited in Citrix NetScaler ADC and NetScaler Gateway multiple CVE´s
On January 16, 2024, Citrix published a security bulletin disclosing two zero-day vulnerabilities (CVE-2023-6548 & CVE-2023-6549) being actively exploited in Citrix NetScaler ADC and NetScaler Gateway. CVE-2023-6548 CVSS 5.5 – Medium Actively Exploited? Code injection vulnerability on the Management Interface can result in authenticated Remote Code Execution (RCE) for low-privileged threat actors.· Pre-requisite: Access to NSIP, CLIP […]