CVE-2023-6548
Description
Improper Control of Generation of Code ('Code Injection') in NetScaler ADC and NetScaler Gateway allows an attacker with access to NSIP, CLIP or SNIP with management interface to perform Authenticated (low privileged) remote code execution on Management Interface.
NVD
Severity: HIGH
CVE ID: CVE-2023-6548
CVSS Score: 8.8
CVSS Metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Citrix Systems, Inc.
Severity: MEDIUM
CVE ID: CVE-2023-6548
CVSS Score: 5.5
CVSS Metrics: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Proof Of Concept
Roonye660
0day for Citrix Netscaler ADC and NetScaler Gateway latest versions
Refrence: GitHub