CVE-2023-3519

Description

Unauthenticated remote code execution

CVSS breakdown

Affected products

• Citrix / NetScaler ADC13.1 – 49.13
• Citrix / NetScaler ADC13.0 – 91.13
• Citrix / NetScaler ADC13.1-FIPS – 37.159
• Citrix / NetScaler ADC12.1-FIPS – 55.297
• Citrix / NetScaler ADC12.1-NDcPP – 55.297
• Citrix / NetScaler Gateway13.1 – 49.13
• Citrix / NetScaler Gateway13.0 – 91.13

Exploits & proofs of concept

• nucleiCitrix NetScaler ADC and NetScaler Gateway - Remote Code Executionby pussycat0x,ritikchaddha

References

• MISChttps://support.citrix.com/article/CTX561482/citrix-adc-and-citrix-gateway-security-bulletin-for-cve20233519-cve20233466-cve20233467
• EXPLOIThttp://packetstormsecurity.com/files/173997/Citrix-ADC-NetScaler-Remote-Code-Execution.html