January 17, 2024
Severity
Medium
Analysis Summary
CVE-2023-6548 CVSS:5.5
Citrix NetScaler ADC and NetScaler Gateway could allow a remote authenticated attacker to execute arbitrary code on the system, caused by improper neutralization of user-supplied input by the Management Interface. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2023-6549 CVSS:8.2
Citrix NetScaler ADC and NetScaler Gateway are vulnerable to a denial of service, caused by an unspecified flaw. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service.
Impact
- Denial of Service
- Gain Access
Indicators Of Compromise
CVE
- CVE-2023-6548
- CVE-2023-6549
Affected Vendors
Citrix
Affected Products
- Citrix NetScaler ADC 12.1-FIPS
- Citrix NetScaler ADC 12.1-NDcPP
- Citrix NetScaler ADC 13.1-FIPS
- Citrix NetScaler ADC 13.0
- Citrix NetScaler ADC 13.1
- Citrix NetScaler Gateway 13.0
- Citrix NetScaler Gateway 13.1
- Citrix NetScaler ADC 14.1
Remediation
Refer to the Citrix website for patch, upgrade, or suggested workaround information.