2:40pm, 21 Jan 2020

TLP Rating: White

Updated: Exploitation of critical Citrix vulnerability

Update: this is an updated advisory from 09/01/2020. 

Since our initial publication it was discovered that certain versions of the SD-WAN WANOP appliances are vulnerable. Additionally, it was found that in Citrix ADC and Citrix Gateway Release 12.1 build 50.28, the mitigation provided by Citrix did not function as expected. 

Citrix ADC (Application Delivery Controller, formerly NetScaler ADC), Citrix Gateway (formerly NetScaler Gateway), and certain versions of SD-WAN WANOP appliances allow remote code execution through a directory traversal vulnerability. This vulnerability was published in December 2019. There is widespread reporting of active scanning and exploitation of the vulnerability.