CVE-2021-22919

A vulnerability has been discovered in Citrix ADC formerly known as NetScaler ADC and Citrix Gateway formerly known as NetScaler Gateway, and Citrix SD-WAN WANOP Edition models 4000-WO, 4100-WO, 5000-WO, and 5100-WO. These vulnerabilities, if exploited, could lead to the limited available disk...

CVE-2019-18177

In certain Citrix products, information disclosure can be achieved by an authenticated VPN user when there is a configured SSL VPN endpoint. This affects Citrix ADC and Citrix Gateway 13.0-58.30 and later releases before the CTX276688 update...

CVE-2020-10112

Citrix Gateway 11.1, 12.0, and 12.1 allows Cache Poisoning. NOTE: Citrix disputes this as not a vulnerability. By default, Citrix ADC only caches static content served under certain URL paths for Citrix Gateway usage. No dynamic content is served under these paths, which implies that those cached...

vpn_exploitation_tool

AD + Citrix VPN Data Harvester Modular Java tool for testing...

EUVD-2020-29068

Malware in sbrugna...

EUVD-2020-29128

Malware in sbrugna...

EUVD-2020-29117

Malware in sbrugna...

EUVD-2021-10049

Malware in sbrugna...

EUVD-2020-29065

Malware in sbrugna...

EUVD-2020-29127

Malware in sbrugna...

EUVD-2020-29074

Malware in sbrugna...

EUVD-2021-10048

Malware in sbrugna...

EUVD-2020-29075

Malware in sbrugna...

EUVD-2022-26986

Malicious code in bioql PyPI...

Vulnerabilities fixed in Citrix NetScaler ADC and Gateway

Citrix has fixed vulnerabilities in the NetScaler ADC and Gateway The vulnerabilities are related to memory overflow and improper access control configurations. Malicious parties can exploit the vulnerabilities to cause a Denial-of-Service and potentially execute arbitrary code on the vulnerable...

VulnCheck KEV: CVE-2020-8194

Reflected code injection in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 allows the modification of a file download...

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2025-5777link is external Citrix NetScaler ADC and Gateway Out-of-Bounds Read Vulnerability These types of vulnerabilities are frequent attack vectors for malicio...

Exploit for Path Traversal in Citrix Application_Delivery_Controller_Firmware

CVE-2019-19781 Remote Code Execution Exploit for Citrix Application Delivery Controller and Citrix Gateway CVE-2019-19781 Usage : bash CVE-2019-19781.sh IPOFVULNURABLEHOST COMMANDTOEXECUTE e.g : bash CVE-2019-19781.sh XX.XX.XX.XX 'cat /etc/passwd' Reference :...

CVE-2023-24487

Arbitrary file read in Citrix ADC and Citrix Gateway...

CVE-2022-21827

An improper privilege vulnerability has been discovered in Citrix Gateway Plug-in for Windows Citrix Secure Access for Windows 21.9.1.2 what could allow an attacker who has gained local access to a computer with Citrix Gateway Plug-in installed, to corrupt or delete files as SYSTEM...