Netscaler Gateway Firmware

netscaler_gateway_firmware

Vendor: Citrix • 31 CVEs

CVEs (31)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2020-8198 1Citrix 4Application Delivery Controller Firmware Gateway FirmwareNetscaler Gateway Firmware+1 more Nov 21, 2024 Jul 10, 2020 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 Improper input validation in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 resulting in St...Show more Improper input validation in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 resulting in Stored Cross-Site Scripting (XSS).Show less
CVE-2020-8197 1Citrix 3Application Delivery Controller Firmware Gateway FirmwareNetscaler Gateway Firmware Nov 21, 2024 Jul 10, 2020 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 Privilege escalation vulnerability on Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 allows a low privileged user with management access to execute arbitrary c...Show more Privilege escalation vulnerability on Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 allows a low privileged user with management access to execute arbitrary commands.Show less
CVE-2020-8196 1Citrix 4Application Delivery Controller Firmware Gateway FirmwareNetscaler Gateway Firmware+1 more Oct 30, 2025 Jul 10, 2020 N/A· v4 4.3 MEDIUM· v3 4.0 MEDIUM· v2 Improper access control in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 resulting in limi...Show more Improper access control in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 resulting in limited information disclosure to low privileged users.Show less
CVE-2020-8195 1Citrix 5Application Delivery Controller Firmware Gateway FirmwareGateway Plug In For Linux+2 more Oct 30, 2025 Jul 10, 2020 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 Improper input validation in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 resulting in li...Show more Improper input validation in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 resulting in limited information disclosure to low privileged users.Show less
CVE-2020-8194 1Citrix 4Application Delivery Controller Firmware Gateway FirmwareNetscaler Gateway Firmware+1 more Nov 21, 2024 Jul 10, 2020 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 Reflected code injection in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 allows the modif...Show more Reflected code injection in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 allows the modification of a file download.Show less
CVE-2020-8193 1Citrix 4Application Delivery Controller Firmware Gateway FirmwareNetscaler Gateway Firmware+1 more Oct 30, 2025 Jul 10, 2020 N/A· v4 6.5 MEDIUM· v3 5.0 MEDIUM· v2 Improper access control in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 allows unauthenti...Show more Improper access control in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 allows unauthenticated access to certain URL endpoints.Show less
CVE-2020-8191 1Citrix 4Application Delivery Controller Firmware Gateway FirmwareNetscaler Gateway Firmware+1 more Nov 21, 2024 Jul 10, 2020 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 Improper input validation in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 allows reflecte...Show more Improper input validation in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 allows reflected Cross Site Scripting (XSS).Show less
CVE-2020-8190 1Citrix 3Application Delivery Controller Firmware Gateway FirmwareNetscaler Gateway Firmware Nov 21, 2024 Jul 10, 2020 N/A· v4 7.5 HIGH· v3 6.0 MEDIUM· v2 Incorrect file permissions in Citrix ADC and Citrix Gateway before versions 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 allows privilege escalation.
CVE-2020-8187 1Citrix 2Application Delivery Controller Firmware Netscaler Gateway Firmware Nov 21, 2024 Jul 10, 2020 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Improper input validation in Citrix ADC and Citrix Gateway versions before 11.1-63.9 and 12.0-62.10 allows unauthenticated users to perform a denial of service attack.
CVE-2019-19781 1Citrix 3Application Delivery Controller Firmware Gateway FirmwareNetscaler Gateway Firmware Nov 7, 2025 Dec 27, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 An issue was discovered in Citrix Application Delivery Controller (ADC) and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0. They allow Directory Traversal.
CVE-2019-18225 1Citrix 3Application Delivery Controller Firmware Gateway FirmwareNetscaler Gateway Firmware Nov 21, 2024 Oct 21, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 An issue was discovered in Citrix Application Delivery Controller (ADC) and Gateway before 10.5 build 70.8, 11.x before 11.1 build 63.9, 12.0 before build 62.10, 12.1 before build 54.16, and 13.0 before build 41.28. An a...Show more An issue was discovered in Citrix Application Delivery Controller (ADC) and Gateway before 10.5 build 70.8, 11.x before 11.1 build 63.9, 12.0 before build 62.10, 12.1 before build 54.16, and 13.0 before build 41.28. An attacker with management-interface access can bypass authentication to obtain appliance administrative access. These products formerly used the NetScaler brand name.Show less
CVE-2019-12044 1Citrix 2Netscaler Application Delivery Controller Firmware Netscaler Gateway Firmware Nov 21, 2024 May 22, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 A Buffer Overflow exists in Citrix NetScaler Gateway 10.5.x before 10.5.70.x, 11.1.x before 11.1.59.10, 12.0.x before 12.0.59.8, and 12.1.x before 12.1.49.23 and Citrix Application Delivery Controller 10.5.x before 10.5....Show more A Buffer Overflow exists in Citrix NetScaler Gateway 10.5.x before 10.5.70.x, 11.1.x before 11.1.59.10, 12.0.x before 12.0.59.8, and 12.1.x before 12.1.49.23 and Citrix Application Delivery Controller 10.5.x before 10.5.70.x, 11.1.x before 11.1.59.10, 12.0.x before 12.0.59.8, and 12.1.x before 12.1.49.23.Show less
CVE-2019-6485 1Citrix 2Netscaler Application Delivery Controller Firmware Netscaler Gateway Firmware Nov 21, 2024 Feb 22, 2019 N/A· v4 5.9 MEDIUM· v3 4.3 MEDIUM· v2 Citrix NetScaler Gateway 12.1 before build 50.31, 12.0 before build 60.9, 11.1 before build 60.14, 11.0 before build 72.17, and 10.5 before build 69.5 and Application Delivery Controller (ADC) 12.1 before build 50.31, 12...Show more Citrix NetScaler Gateway 12.1 before build 50.31, 12.0 before build 60.9, 11.1 before build 60.14, 11.0 before build 72.17, and 10.5 before build 69.5 and Application Delivery Controller (ADC) 12.1 before build 50.31, 12.0 before build 60.9, 11.1 before build 60.14, 11.0 before build 72.17, and 10.5 before build 69.5 allow remote attackers to obtain sensitive plaintext information because of a TLS Padding Oracle Vulnerability when CBC-based cipher suites are enabled.Show less
CVE-2018-18517 1Citrix 1Netscaler Gateway Firmware Nov 21, 2024 Oct 24, 2018 N/A· v4 4.8 MEDIUM· v3 3.5 LOW· v2 Citrix NetScaler Gateway 10.5.x before 10.5.69.003, 11.1.x before 11.1.59.004, 12.0.x before 12.0.58.7, and 12.1.x before 12.1.49.1 has XSS.
CVE-2018-7218 1Citrix 2Application Delivery Controller Firmware Netscaler Gateway Firmware Nov 21, 2024 May 17, 2018 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 The AppFirewall functionality in Citrix NetScaler Application Delivery Controller and NetScaler Gateway 10.5 before Build 68.7, 11.0 before Build 71.24, 11.1 before Build 58.13, and 12.0 before Build 57.24 allows remote...Show more The AppFirewall functionality in Citrix NetScaler Application Delivery Controller and NetScaler Gateway 10.5 before Build 68.7, 11.0 before Build 71.24, 11.1 before Build 58.13, and 12.0 before Build 57.24 allows remote attackers to execute arbitrary code via unspecified vectors.Show less
CVE-2018-6811 1Citrix 2Netscaler Application Delivery Controller Firmware Netscaler Gateway Firmware Nov 21, 2024 Mar 6, 2018 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 Multiple cross-site scripting (XSS) vulnerabilities in Citrix NetScaler ADC 10.5, 11.0, 11.1, and 12.0, and NetScaler Gateway 10.5, 11.0, 11.1, and 12.0 allow remote attackers to inject arbitrary web script or HTML via t...Show more Multiple cross-site scripting (XSS) vulnerabilities in Citrix NetScaler ADC 10.5, 11.0, 11.1, and 12.0, and NetScaler Gateway 10.5, 11.0, 11.1, and 12.0 allow remote attackers to inject arbitrary web script or HTML via the Citrix NetScaler interface.Show less
CVE-2018-6810 1Citrix 2Netscaler Application Delivery Controller Firmware Netscaler Gateway Firmware Nov 21, 2024 Mar 6, 2018 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Directory traversal vulnerability in NetScaler ADC 10.5, 11.0, 11.1, and 12.0, and NetScaler Gateway 10.5, 11.0, 11.1, and 12.0 allows remote attackers to traverse the directory on the target system via a crafted request...Show more Directory traversal vulnerability in NetScaler ADC 10.5, 11.0, 11.1, and 12.0, and NetScaler Gateway 10.5, 11.0, 11.1, and 12.0 allows remote attackers to traverse the directory on the target system via a crafted request.Show less
CVE-2018-6809 1Citrix 2Netscaler Application Delivery Controller Firmware Netscaler Gateway Firmware Nov 21, 2024 Mar 6, 2018 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 NetScaler ADC 10.5, 11.0, 11.1, and 12.0, and NetScaler Gateway 10.5, 11.0, 11.1, and 12.0 allow remote attackers to gain privilege on a target system.
CVE-2018-6808 1Citrix 2Netscaler Application Delivery Controller Firmware Netscaler Gateway Firmware Nov 21, 2024 Mar 6, 2018 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 NetScaler ADC 10.5, 11.0, 11.1, and 12.0, and NetScaler Gateway 10.5, 11.0, 11.1, and 12.0 allow remote attackers to download arbitrary files on the target system.
CVE-2017-17549 1Citrix 2Application Delivery Controller Firmware Netscaler Gateway Firmware May 13, 2026 Dec 13, 2017 N/A· v4 5.9 MEDIUM· v3 4.3 MEDIUM· v2 Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway 10.5 before build 67.13, 11.0 before build 71.22, 11.1 before build 56.19, and 12.0 before build 53.22 allow remote attackers to obtain sensiti...Show more Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway 10.5 before build 67.13, 11.0 before build 71.22, 11.1 before build 56.19, and 12.0 before build 53.22 allow remote attackers to obtain sensitive information from the backend client TLS handshake by leveraging use of TLS with Client Certificates and a Diffie-Hellman Ephemeral (DHE) key exchange.Show less

12 Next