Together, towards a better future

Citrix ADC and Gateway RCE Vulnerability Exploits Released

According to Shodan, at the time of writing, there are over 125,400 Citrix ADC or Gateway servers publicly accessible and can be exploited overnight if not taken offline or protected using available mitigation.


1 min read
Citrix ADC and Gateway RCE Vulnerability Exploits Released

Earlier today, multiple groups publicly released weaponized proof-of-concept exploit code [1, 2] for a recently disclosed remote code execution vulnerability in Citrix's NetScaler ADC and Gateway products that could allow anyone to leverage them to take full control over potential enterprise targets.

Citrix confirmed that the flaw affects all supported version of the software, including:

  • Citrix ADC and Citrix Gateway version 13.0 all supported builds
  • Citrix ADC and NetScaler Gateway version 12.1 all supported builds
  • Citrix ADC and NetScaler Gateway version 12.0 all supported builds
  • Citrix ADC and NetScaler Gateway version 11.1 all supported builds
  • Citrix NetScaler ADC and NetScaler Gateway version 10.5 all supported builds

Through the cyberattacks against vulnerable servers were first seen in the wild last week when hackers developed private exploit after reverse engineering mitigation information, the public release of weaponized PoC would now make it easier for low-skilled script kiddies to launch cyberattacks against vulnerable organizations.

While discussing technical details of the flaw in a blog post published yesterday, MDSsec also released a video demonstration of the exploit they developed but chose not to release it at this moment.

Newsletter
Get all the latest posts delivered straight to your inbox!
🎉 You've successfully subscribed to Hack Hex!
OK