A critical vuln was published in an advisory by Citrix, allowing an attacker with access to the Management-Interface of Citrix ADC, Citrix Gateway or Citrix SDWAN WAN-OP, full System compromise.
While Citrix did not provide any CVSS, we expect 9.0 and above.
from the advisory:
Multiple vulnerabilities have been discovered in Citrix ADC (formerly known as NetScaler ADC), Citrix Gateway (formerly known as NetScaler Gateway) and Citrix SD-WAN WANOP appliance models 4000-WO, 4100-WO, 5000-WO, and 5100-WO. These vulnerabilities, if exploited, could result in a number of security issues including:
Attacks that are limited to the management interface (3.400 instances exposed online)
- System compromise by an unauthenticated user on the management network.
- System compromise through Cross Site Scripting (XSS) on the management interface
- Creation of a download link for the device which, if downloaded and then executed by an unauthenticated user on the management network, may result in the compromise of their local computer.
Updates
- Exploits released ca 24hrs after advisories
References
- Advisory: Citrix Application Delivery Controller, Citrix Gateway, and Citrix SD-WAN WANOP appliance Security Update
- Citrix provides context on Security Bulletin CTX276688
Fragen? Kontakt: info@zero.bs