CVE-2023-6548
CVSS 3.1 Score 8.8 of 10 (high)
Details
Summary
CVE-2023-6548 is a code injection vulnerability affecting NetScaler ADC and Gateway. An attacker with access to NSIP, CLIP, or SNIP through the management interface can carry out authenticated, low-privileged remote code execution on the management interface. This issue arises due to the improper control of code generation. Successful exploitation can lead to significant security implications, including unauthorized access and system compromise. Organizations using these products are advised to apply the available patches or mitigations immediately to protect against potential attacks.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Products
- Citrix NetScaler Application Delivery Controller (ADC)
- Citrix Netscaler Gateway
Affected Vendors
- Citrix Systems