DETECTION OVERVIEW
Risk Factors
Vulnerable devices are exposed to the internet, and code that exploits the vulnerability is publicly available. An unauthenticated attacker can easily exploit this vulnerability to cause a denial-of-service (DoS) condition or gain complete control of a device by running arbitrary code with root privileges.
Risk Score
87
The Citrix products NetScaler Application Delivery Controller (formerly Citrix ADC) and NetScaler Gateway (formerly Citrix Gateway) have an HTTPS web application that includes a DoS and remote code execution (RCE) vulnerability. An unauthenticated attacker sends a malicious HTTP request to the victim. The request path ends with /gwtest/formssso, and the query string includes two specific key-value pairs: the event key is paired with the start value, and the target key is paired with a malicious payload. The payload content is tailored to the specific version and desired outcome. For example, a successful DoS requires a payload that is at least 167 characters long. A successful RCE requires a slightly longer payload and malicious code. After receiving the request, the victim runs the malicious payload with root privileges.
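
The request shape described above can be matched in web or proxy access logs. The following is an added example, not the vendor's detection logic: it assumes logs that contain a quoted HTTP request line, measures the target value after URL decoding, matches the path case-insensitively, and uses constructed sample lines and hypothetical verdict names.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Payload length the page gives for a successful DoS.
TARGET_MIN_LEN = 167
# Assumed log layout: the request line appears in double quotes.
REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<url>\S+) HTTP/[\d.]+"')


def classify(log_line):
    """Return (verdict, target_length) for a matching request, else None."""
    match = REQUEST_RE.search(log_line)
    if not match:
        return None
    url = urlsplit(match.group("url"))
    if not url.path.lower().endswith("/gwtest/formssso"):
        return None
    query = parse_qs(url.query, keep_blank_values=True)
    if "start" not in query.get("event", []):
        return None
    targets = query.get("target")
    if not targets:
        return None
    longest = max(len(value) for value in targets)
    # Verdict names are hypothetical labels for triage, not vendor terms.
    verdict = "oversized-target" if longest >= TARGET_MIN_LEN else "probe"
    return verdict, longest


def scan(lines):
    """Return (line_number, verdict, target_length) for every hit."""
    return [(n, *hit) for n, line in enumerate(lines, 1) if (hit := classify(line))]


# Constructed sample log lines (addresses from documentation ranges).
FILLER = "A" * 200
SAMPLE_LOG = [
    '198.51.100.7 - - [01/Jan/2024:10:00:00 +0000] "GET /vpn/index.html HTTP/1.1" 200 512',
    f'198.51.100.7 - - [01/Jan/2024:10:00:05 +0000] "GET /gwtest/formssso?event=start&target={FILLER} HTTP/1.1" 500 0',
    '203.0.113.9 - - [01/Jan/2024:10:01:00 +0000] "GET /gwtest/formssso?event=start&target=home HTTP/1.1" 200 64',
    f'203.0.113.9 - - [01/Jan/2024:10:02:00 +0000] "GET /gwtest/formssso?event=stop&target={FILLER} HTTP/1.1" 200 64',
]

if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(hit)
```

Short target values are reported as probes rather than dropped, because any unauthenticated request to this path with event=start is worth reviewing on an internet-facing device.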