NetScaler ADC/Gateway Code Injection RCE via Management Interface
CVE-2023-6548 Published on January 17, 2024
Improper Control of Generation of Code ('Code Injection') in NetScaler ADC and NetScaler Gateway allows an attacker with access to NSIP, CLIP or SNIP with management interface to perform Authenticated (low privileged) remote code execution on Management Interface.
Known Exploited Vulnerability
This Citrix NetScaler ADC and NetScaler Gateway Code Injection Vulnerability is part of CISA's list of Known Exploited Vulnerabilities. Citrix NetScaler ADC and NetScaler Gateway contain a code injection vulnerability that allows for authenticated remote code execution on the management interface with access to NSIP, CLIP, or SNIP.
The following remediation steps are recommended / required by January 24, 2024: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Vulnerability Analysis
Weakness Type
What is a Code Injection Vulnerability?
The software constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.
CVE-2023-6548 has been classified to as a Code Injection vulnerability or weakness.
Products Associated with CVE-2023-6548
stack.watch emails you whenever new vulnerabilities are published in Citrix Netscaler Gateway or Citrix Netscaler Application Delivery Controller. Just hit a watch button to start following.
Affected Versions
Cloud Software Group NetScaler ADC:- Version 14.1 and below 12.35 is affected.
- Version 13.1 and below 51.15 is affected.
- Version 13.0 and below 92.21 is affected.
- Version 13.1-FIPS and below 37.176 is affected.
- Version 12.1-FIPS and below 55.302 is affected.
- Version 12.1-NDcPP and below 55.302 is affected.
- Version 14.1 and below 12.35 is affected.
- Version 13.1 and below 51.15 is affected.
- Version 13.0 and below 92.21 is affected.
- Version 14.1 and below 14.1-12.35 is affected.
- Version 13.1 and below 13.1-51.15 is affected.
- Version 13.0 and below 13.0-92.21 is affected.
- Version 13.1 and below 13.1-37.176 is affected.
- Version 12.1 and below 12.1-55.302 is affected.
- Version 12.1 and below 12.1-55.302 is affected.
- Version 14.1 and below 14.1-12.35 is affected.
- Version 13.1 and below 13.1-51.15 is affected.
- Version 13.0 and below 13.0-92.21 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.