Netscaler Gateway Firmware Security Vulnerabilities and Issues — Netscaler Gateway Firmware CVE List

Lucene search

CitrixNetscaler Gateway Firmware

31 matches found

CVE•added 2019/12/27 2:15 p.m.•2435 views

CVE-2019-19781

An issue was discovered in Citrix Application Delivery Controller (ADC) and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0. They allow Directory Traversal.

9.8CVSS9.8AI score0.94442EPSS

CVE•added 2020/07/10 4:15 p.m.•1062 views

CVE-2020-8193

Improper access control in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 allows unauthenticated access to certain URL endpoints.

6.5CVSS6.5AI score0.94349EPSS

CVE•added 2020/07/10 4:15 p.m.•1020 views

CVE-2020-8196

Improper access control in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 resulting in limited information disclosure to low privileged users.

4.3CVSS5AI score0.6387EPSS

CVE•added 2020/07/10 4:15 p.m.•1018 views

CVE-2020-8195

Improper input validation in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 resulting in limited information disclosure to low privileged users.

6.5CVSS6.2AI score0.85271EPSS

CVE•added 2020/07/10 4:15 p.m.•159 views

CVE-2020-8194

Reflected code injection in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 allows the modification of a file download.

6.5CVSS6.8AI score0.79516EPSS

CVE•added 2019/10/21 6:15 p.m.•109 views

CVE-2019-18225

An issue was discovered in Citrix Application Delivery Controller (ADC) and Gateway before 10.5 build 70.8, 11.x before 11.1 build 63.9, 12.0 before build 62.10, 12.1 before build 54.16, and 13.0 before build 41.28. An attacker with management-interface access can bypass authentication to obtain ap...

9.8CVSS9.4AI score0.002EPSS

CVE•added 2019/02/22 11:29 p.m.•89 views

CVE-2019-6485

Citrix NetScaler Gateway 12.1 before build 50.31, 12.0 before build 60.9, 11.1 before build 60.14, 11.0 before build 72.17, and 10.5 before build 69.5 and Application Delivery Controller (ADC) 12.1 before build 50.31, 12.0 before build 60.9, 11.1 before build 60.14, 11.0 before build 72.17, and 10....

5.9CVSS5.3AI score0.00463EPSS

CVE•added 2020/07/10 4:15 p.m.•77 views

CVE-2020-8191

6.1CVSS6.2AI score0.90676EPSS

CVE•added 2020/07/10 4:15 p.m.•73 views

CVE-2020-8187

Improper input validation in Citrix ADC and Citrix Gateway versions before 11.1-63.9 and 12.0-62.10 allows unauthenticated users to perform a denial of service attack.

7.5CVSS7.8AI score0.00623EPSS

CVE•added 2017/12/13 4:29 p.m.•71 views

CVE-2017-17382

Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway 10.5 before build 67.13, 11.0 before build 71.22, 11.1 before build 56.19, and 12.0 before build 53.22 might allow remote attackers to decrypt TLS ciphertext data by leveraging a Bleichenbacher RSA padding oracle, aka a RO...

5.9CVSS6.3AI score0.77766EPSS

CVE•added 2020/07/10 4:15 p.m.•66 views

CVE-2020-8190

Incorrect file permissions in Citrix ADC and Citrix Gateway before versions 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 allows privilege escalation.

7.5CVSS8.1AI score0.00268EPSS

CVE•added 2020/07/10 4:15 p.m.•65 views

CVE-2020-8197

Privilege escalation vulnerability on Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 allows a low privileged user with management access to execute arbitrary commands.

8.8CVSS8.9AI score0.0071EPSS

CVE•added 2017/09/26 2:29 p.m.•59 views

CVE-2017-14602

A vulnerability has been identified in the management interface of Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway 10.1 before build 135.18, 10.5 before build 66.9, 10.5e before build 60.7010.e, 11.0 before build 70.16, 11.1 before build 55.13, and 12.0 before build 53....

9CVSS7AI score0.01175EPSS

CVE•added 2020/07/10 4:15 p.m.•58 views

CVE-2020-8198

6.1CVSS6.5AI score0.0039EPSS

CVE•added 2018/10/24 9:29 p.m.•54 views

CVE-2018-18517

Citrix NetScaler Gateway 10.5.x before 10.5.69.003, 11.1.x before 11.1.59.004, 12.0.x before 12.0.58.7, and 12.1.x before 12.1.49.1 has XSS.

4.8CVSS5.1AI score0.00463EPSS

CVE•added 2019/05/22 4:29 p.m.•50 views

CVE-2019-12044

A Buffer Overflow exists in Citrix NetScaler Gateway 10.5.x before 10.5.70.x, 11.1.x before 11.1.59.10, 12.0.x before 12.0.59.8, and 12.1.x before 12.1.49.23 and Citrix Application Delivery Controller 10.5.x before 10.5.70.x, 11.1.x before 11.1.59.10, 12.0.x before 12.0.59.8, and 12.1.x before 12.1...

7.5CVSS7.5AI score0.00573EPSS

CVE•added 2017/04/13 2:59 p.m.•49 views

CVE-2017-7219

A heap overflow vulnerability in Citrix NetScaler Gateway versions 10.1 before 135.8/135.12, 10.5 before 65.11, 11.0 before 70.12, and 11.1 before 52.13 allows a remote authenticated attacker to run arbitrary commands via unspecified vectors.

9CVSS8.4AI score0.0164EPSS

CVE•added 2018/03/06 8:29 p.m.•49 views

CVE-2018-6810

Directory traversal vulnerability in NetScaler ADC 10.5, 11.0, 11.1, and 12.0, and NetScaler Gateway 10.5, 11.0, 11.1, and 12.0 allows remote attackers to traverse the directory on the target system via a crafted request.

7.5CVSS8.4AI score0.04991EPSS

CVE•added 2018/05/17 7:29 p.m.•48 views

CVE-2018-7218

The AppFirewall functionality in Citrix NetScaler Application Delivery Controller and NetScaler Gateway 10.5 before Build 68.7, 11.0 before Build 71.24, 11.1 before Build 58.13, and 12.0 before Build 57.24 allows remote attackers to execute arbitrary code via unspecified vectors.

10CVSS9.7AI score0.06191EPSS

CVE•added 2015/11/17 3:59 p.m.•47 views

CVE-2015-7997

Multiple cross-site scripting (XSS) vulnerabilities in the Nitro API in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 10.1 Build 133.9, 10.5 before Build 58.11, and 10.5.e before Build 56.1505.e on NetScaler Service Delivery Appliance Service VM (SVM) devices a...

4.3CVSS5.9AI score0.00293EPSS

CVE•added 2015/07/16 2:59 p.m.•45 views

CVE-2015-5080

The Management Interface in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway 10.1 before 10.1.132.8, 10.5 before Build 56.15, and 10.5.e before Build 56.1505.e allows remote authenticated users to execute arbitrary shell commands via shell metacharacters in the filter pa...

9CVSS7.5AI score0.01003EPSS

CVE•added 2018/03/06 8:29 p.m.•45 views

CVE-2018-6809

NetScaler ADC 10.5, 11.0, 11.1, and 12.0, and NetScaler Gateway 10.5, 11.0, 11.1, and 12.0 allow remote attackers to gain privilege on a target system.

10CVSS9.6AI score0.03581EPSS

CVE•added 2015/11/17 3:59 p.m.•44 views

CVE-2015-7996

The Nitro API in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 10.1 Build 133.9, 10.5 before Build 58.11, and 10.5.e before Build 56.1505.e on NetScaler Service Delivery Appliance Service VM (SVM) devices allow attackers to obtain credentials via the browser ca...

5CVSS6.8AI score0.00293EPSS

CVE•added 2015/09/17 4:59 p.m.•41 views

CVE-2015-5538

Multiple unspecified vulnerabilities in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 10.1 Build 132.8, 10.5 before Build 57.7, and 10.5e before Build 56.1505.e allow remote attackers to gain privileges via unknown vectors, related to the (1) Command Line Inter...

10CVSS7.5AI score0.01961EPSS

CVE•added 2017/12/13 4:29 p.m.•41 views

CVE-2017-17549

Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway 10.5 before build 67.13, 11.0 before build 71.22, 11.1 before build 56.19, and 12.0 before build 53.22 allow remote attackers to obtain sensitive information from the backend client TLS handshake by leveraging use of TLS w...

5.9CVSS5.5AI score0.00343EPSS

CVE•added 2014/11/07 7:55 p.m.•39 views

CVE-2014-8580

Citrix NetScaler Application Delivery Controller and NetScaler Gateway 10.5.50.10 before 10.5-52.11, 10.1.122.17 before 10.1-129.11, and 10.1-120.1316.e before 10.1-129.1105.e, when using unspecified configurations, allows remote authenticated users to access "network resources" of other users via ...

4.9CVSS6.4AI score0.00251EPSS

CVE•added 2015/09/17 4:59 p.m.•38 views

CVE-2015-6672

Cross-site scripting (XSS) vulnerability in the Administrative Web Interface in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 10.1 Build 132.8, 10.5 before Build 57.7, and 10.5e before Build 56.1505.e allows remote attackers to inject arbitrary web script or HT...

4.3CVSS5.8AI score0.00293EPSS

CVE•added 2018/03/06 8:29 p.m.•37 views

CVE-2018-6811

Multiple cross-site scripting (XSS) vulnerabilities in Citrix NetScaler ADC 10.5, 11.0, 11.1, and 12.0, and NetScaler Gateway 10.5, 11.0, 11.1, and 12.0 allow remote attackers to inject arbitrary web script or HTML via the Citrix NetScaler interface.

6.1CVSS7.2AI score0.00255EPSS

CVE•added 2018/03/06 8:29 p.m.•36 views

CVE-2018-6808

NetScaler ADC 10.5, 11.0, 11.1, and 12.0, and NetScaler Gateway 10.5, 11.0, 11.1, and 12.0 allow remote attackers to download arbitrary files on the target system.

7.5CVSS8.7AI score0.00332EPSS

CVE•added 2015/11/17 3:59 p.m.•35 views

CVE-2015-7998

The administration UI in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 10.1 Build 133.9, 10.5 before Build 58.11, and 10.5.e before Build 56.1505.e on NetScaler Service Delivery Appliance Service VM (SVM) devices allows attackers to obtain sensitive information...

5CVSS6.2AI score0.00293EPSS

CVE•added 2015/05/12 7:59 p.m.•33 views

CVE-2015-2829

Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 10.5 Build 53.9 through 55.8 and 10.5.e Build 53-9010.e allow remote attackers to cause a denial of service (reboot) via unspecified vectors.

7.8CVSS6.9AI score0.01037EPSS