Application Delivery Controller Firmware

application_delivery_controller_firmware

Vendor: Citrix • 30 CVEs

CVEs (30)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2019-18177 1Citrix 2Application Delivery Controller Firmware Gateway Apr 14, 2025 Dec 26, 2022 N/A· v4 6.5 MEDIUM· v3 N/A· v2 In certain Citrix products, information disclosure can be achieved by an authenticated VPN user when there is a configured SSL VPN endpoint. This affects Citrix ADC and Citrix Gateway 13.0-58.30 and later releases before...Show more In certain Citrix products, information disclosure can be achieved by an authenticated VPN user when there is a configured SSL VPN endpoint. This affects Citrix ADC and Citrix Gateway 13.0-58.30 and later releases before the CTX276688 update.Show less
CVE-2022-27518 1Citrix 2Application Delivery Controller Firmware Gateway Firmware Feb 25, 2026 Dec 13, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Unauthenticated remote arbitrary code execution
CVE-2022-27516 1Citrix 2Application Delivery Controller Firmware Gateway Nov 21, 2024 Nov 8, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 User login brute force protection functionality bypass
CVE-2022-27513 1Citrix 2Application Delivery Controller Firmware Gateway Nov 21, 2024 Nov 8, 2022 N/A· v4 9.6 CRITICAL· v3 N/A· v2 Remote desktop takeover via phishing
CVE-2022-27510 1Citrix 2Application Delivery Controller Firmware Gateway Nov 21, 2024 Nov 8, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Unauthorized access to Gateway user capabilities
CVE-2022-27509 1Citrix 2Application Delivery Controller Firmware Gateway Nov 21, 2024 Jul 28, 2022 N/A· v4 6.1 MEDIUM· v3 N/A· v2 Unauthenticated redirection to a malicious website
CVE-2021-22956 1Citrix 3Application Delivery Controller Firmware GatewaySd Wan Nov 21, 2024 Dec 7, 2021 N/A· v4 7.5 HIGH· v3 4.3 MEDIUM· v2 An uncontrolled resource consumption vulnerability exists in Citrix ADC <13.0-83.27, <12.1-63.22 and 11.1-65.23 that could allow an attacker with access to NSIP or SNIP with management interface access to cause a tempora...Show more An uncontrolled resource consumption vulnerability exists in Citrix ADC <13.0-83.27, <12.1-63.22 and 11.1-65.23 that could allow an attacker with access to NSIP or SNIP with management interface access to cause a temporary disruption of the Management GUI, Nitro API, and RPC communication.Show less
CVE-2021-22955 1Citrix 2Application Delivery Controller Firmware Gateway Nov 21, 2024 Dec 7, 2021 N/A· v4 7.5 HIGH· v3 4.3 MEDIUM· v2 A unauthenticated denial of service vulnerability exists in Citrix ADC <13.0-83.27, <12.1-63.22 and 11.1-65.23 when configured as a VPN (Gateway) or AAA virtual server could allow an attacker to cause a temporary disrupt...Show more A unauthenticated denial of service vulnerability exists in Citrix ADC <13.0-83.27, <12.1-63.22 and 11.1-65.23 when configured as a VPN (Gateway) or AAA virtual server could allow an attacker to cause a temporary disruption of the Management GUI, Nitro API, and RPC communication.Show less
CVE-2021-22927 1Citrix 3Application Delivery Controller Firmware GatewayNetscaler Gateway Nov 21, 2024 Aug 5, 2021 N/A· v4 8.1 HIGH· v3 5.8 MEDIUM· v2 A session fixation vulnerability exists in Citrix ADC and Citrix Gateway 13.0-82.45 when configured SAML service provider that could allow an attacker to hijack a session.
CVE-2021-22919 1Citrix 4Application Delivery Controller Firmware GatewayNetscaler Gateway+1 more Nov 21, 2024 Aug 5, 2021 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 A vulnerability has been discovered in Citrix ADC (formerly known as NetScaler ADC) and Citrix Gateway (formerly known as NetScaler Gateway), and Citrix SD-WAN WANOP Edition models 4000-WO, 4100-WO, 5000-WO, and 5100-WO....Show more A vulnerability has been discovered in Citrix ADC (formerly known as NetScaler ADC) and Citrix Gateway (formerly known as NetScaler Gateway), and Citrix SD-WAN WANOP Edition models 4000-WO, 4100-WO, 5000-WO, and 5100-WO. These vulnerabilities, if exploited, could lead to the limited available disk space on the appliances being fully consumed.Show less
CVE-2020-8300 1Citrix 3Application Delivery Controller Firmware GatewayNetscaler Gateway Nov 21, 2024 Jun 16, 2021 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 Citrix ADC and Citrix/NetScaler Gateway before 13.0-82.41, 12.1-62.23, 11.1-65.20 and Citrix ADC 12.1-FIPS before 12.1-55.238 suffer from improper access control allowing SAML authentication hijack through a phishing att...Show more Citrix ADC and Citrix/NetScaler Gateway before 13.0-82.41, 12.1-62.23, 11.1-65.20 and Citrix ADC 12.1-FIPS before 12.1-55.238 suffer from improper access control allowing SAML authentication hijack through a phishing attack to steal a valid user session. Note that Citrix ADC or Citrix Gateway must be configured as a SAML SP or a SAML IdP for this to be possible.Show less
CVE-2020-8299 1Citrix 4Application Delivery Controller Firmware GatewayNetscaler Gateway+1 more Nov 21, 2024 Jun 16, 2021 N/A· v4 6.5 MEDIUM· v3 3.3 LOW· v2 Citrix ADC and Citrix/NetScaler Gateway 13.0 before 13.0-76.29, 12.1-61.18, 11.1-65.20, Citrix ADC 12.1-FIPS before 12.1-55.238, and Citrix SD-WAN WANOP Edition before 11.4.0, 11.3.2, 11.3.1a, 11.2.3a, 11.1.2c, 10.2.9a s...Show more Citrix ADC and Citrix/NetScaler Gateway 13.0 before 13.0-76.29, 12.1-61.18, 11.1-65.20, Citrix ADC 12.1-FIPS before 12.1-55.238, and Citrix SD-WAN WANOP Edition before 11.4.0, 11.3.2, 11.3.1a, 11.2.3a, 11.1.2c, 10.2.9a suffers from uncontrolled resource consumption by way of a network-based denial-of-service from within the same Layer 2 network segment. Note that the attacker must be in the same Layer 2 network segment as the vulnerable appliance.Show less
CVE-2020-8247 1Citrix 4Application Delivery Controller Firmware GatewayNetscaler Gateway+1 more Nov 21, 2024 Sep 18, 2020 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 Citrix ADC and Citrix Gateway 13.0 before 13.0-64.35, Citrix ADC and NetScaler Gateway 12.1 before 12.1-58.15, Citrix ADC 12.1-FIPS before 12.1-55.187, Citrix ADC and NetScaler Gateway 12.0, Citrix ADC and NetScaler Gate...Show more Citrix ADC and Citrix Gateway 13.0 before 13.0-64.35, Citrix ADC and NetScaler Gateway 12.1 before 12.1-58.15, Citrix ADC 12.1-FIPS before 12.1-55.187, Citrix ADC and NetScaler Gateway 12.0, Citrix ADC and NetScaler Gateway 11.1 before 11.1-65.12, Citrix SD-WAN WANOP 11.2 before 11.2.1a, Citrix SD-WAN WANOP 11.1 before 11.1.2a, Citrix SD-WAN WANOP 11.0 before 11.0.3f, Citrix SD-WAN WANOP 10.2 before 10.2.7b are vulnerable to escalation of privileges on the management interface.Show less
CVE-2020-8246 1Citrix 4Application Delivery Controller Firmware GatewayNetscaler Gateway+1 more Nov 21, 2024 Sep 18, 2020 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Citrix ADC and Citrix Gateway 13.0 before 13.0-64.35, Citrix ADC and NetScaler Gateway 12.1 before 12.1-58.15, Citrix ADC 12.1-FIPS before 12.1-55.187, Citrix ADC and NetScaler Gateway 12.0, Citrix ADC and NetScaler Gate...Show more Citrix ADC and Citrix Gateway 13.0 before 13.0-64.35, Citrix ADC and NetScaler Gateway 12.1 before 12.1-58.15, Citrix ADC 12.1-FIPS before 12.1-55.187, Citrix ADC and NetScaler Gateway 12.0, Citrix ADC and NetScaler Gateway 11.1 before 11.1-65.12, Citrix SD-WAN WANOP 11.2 before 11.2.1a, Citrix SD-WAN WANOP 11.1 before 11.1.2a, Citrix SD-WAN WANOP 11.0 before 11.0.3f, Citrix SD-WAN WANOP 10.2 before 10.2.7b are vulnerable to a denial of service attack originating from the management network.Show less
CVE-2020-8245 1Citrix 3Application Delivery Controller Firmware GatewayNetscaler Gateway Nov 21, 2024 Sep 18, 2020 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 Improper Input Validation on Citrix ADC and Citrix Gateway 13.0 before 13.0-64.35, Citrix ADC and NetScaler Gateway 12.1 before 12.1-58.15, Citrix ADC 12.1-FIPS before 12.1-55.187, Citrix ADC and NetScaler Gateway 12.0,...Show more Improper Input Validation on Citrix ADC and Citrix Gateway 13.0 before 13.0-64.35, Citrix ADC and NetScaler Gateway 12.1 before 12.1-58.15, Citrix ADC 12.1-FIPS before 12.1-55.187, Citrix ADC and NetScaler Gateway 12.0, Citrix ADC and NetScaler Gateway 11.1 before 11.1-65.12, Citrix SD-WAN WANOP 11.2 before 11.2.1a, Citrix SD-WAN WANOP 11.1 before 11.1.2a, Citrix SD-WAN WANOP 11.0 before 11.0.3f, Citrix SD-WAN WANOP 10.2 before 10.2.7b leads to an HTML Injection attack against the SSL VPN web portal.Show less
CVE-2020-8198 1Citrix 4Application Delivery Controller Firmware Gateway FirmwareNetscaler Gateway Firmware+1 more Nov 21, 2024 Jul 10, 2020 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 Improper input validation in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 resulting in St...Show more Improper input validation in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 resulting in Stored Cross-Site Scripting (XSS).Show less
CVE-2020-8197 1Citrix 3Application Delivery Controller Firmware Gateway FirmwareNetscaler Gateway Firmware Nov 21, 2024 Jul 10, 2020 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 Privilege escalation vulnerability on Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 allows a low privileged user with management access to execute arbitrary c...Show more Privilege escalation vulnerability on Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 allows a low privileged user with management access to execute arbitrary commands.Show less
CVE-2020-8196 1Citrix 4Application Delivery Controller Firmware Gateway FirmwareNetscaler Gateway Firmware+1 more Oct 30, 2025 Jul 10, 2020 N/A· v4 4.3 MEDIUM· v3 4.0 MEDIUM· v2 Improper access control in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 resulting in limi...Show more Improper access control in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 resulting in limited information disclosure to low privileged users.Show less
CVE-2020-8195 1Citrix 5Application Delivery Controller Firmware Gateway FirmwareGateway Plug In For Linux+2 more Oct 30, 2025 Jul 10, 2020 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 Improper input validation in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 resulting in li...Show more Improper input validation in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 resulting in limited information disclosure to low privileged users.Show less
CVE-2020-8194 1Citrix 4Application Delivery Controller Firmware Gateway FirmwareNetscaler Gateway Firmware+1 more Nov 21, 2024 Jul 10, 2020 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 Reflected code injection in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 allows the modif...Show more Reflected code injection in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 allows the modification of a file download.Show less

12 Next