2:40pm, 21 Jan 2020
TLP Rating: White
Updated: Exploitation of critical Citrix vulnerability
Update: this is an updated advisory from 09/01/2020.
Since our initial publication it was discovered that certain versions of the SD-WAN WANOP appliances are vulnerable. Additionally, it was found that in Citrix ADC and Citrix Gateway Release 12.1 build 50.28, the mitigation provided by Citrix did not function as expected.
Citrix ADC (Application Delivery Controller, formerly NetScaler ADC), Citrix Gateway (formerly NetScaler Gateway), and certain versions of SD-WAN WANOP appliances allow remote code execution through a directory traversal vulnerability. This vulnerability was published in December 2019. There is widespread reporting of active scanning and exploitation of the vulnerability.