Recently, the Citrix published a set of 11 vulnerabilities in its most popular products that includes Citrix ADC as well, new research found that the hackers are constantly attempting several ways to exploit all these Citrix ADC vulnerabilities.
Out Of the 11 vulnerabilities, there are six possible attacks routes; five of those have barriers to exploitation.
This exploit was a high-risk vulnerability in Citrix ADC devices that allows unauthenticated remote code execution by the remote attackers. Moreover, this vulnerability was discovered in December 2019.
The vulnerabilities attack various Citrix products over the company’s line and range from a comparatively low-risk social elevation of the right defect to more severe code injection and also the cross-site scripting flaws.
But, the Citrix has plenty of mitigating factors for different kinds of vulnerabilities that make all the possible exploitation more complex.
According to the security experts, it is not clear specifically that which CVE was allocated to which vulnerability, but the probable applicants are:-
In total there are 11 products that were affected by this vulnerability, and here they are mentioned below:-
The first issue was marked as the most severe one, which allows the attacker to download the malicious files in the affected systems. Currently, the IP address, 13.232.154.46, is exploited by hackers to execute this malicious event.
Apart from this, in total there are 16 IP addresses that got affected in this vulnerability, and all these IPs belongs to “hostwindsdns{.}com”:-
There are three of the six potential attacks in CTX276688 that happen in the administration interface of a vulnerable device. Here, the systems expanded in line along with Citrix support, which will now have this interface isolated from the network and will be guarded by a firewall.
This kind of configuration considerably reduces the risk. Still, Citrix are not publishing most of the technical specifications of the vulnerabilities or patches to limit possible exploitation by the threat actors, who control patch releases for all new targets.
Citrix recommended customers on Citrix SD-WAN WANOP should also pay heed to the advisory just released as ADC is a component within the SD-WAN WANOP deployment. Fixes are available here.
You can follow us on Linkedin, Twitter, Facebook for daily Cybersecurity and hacking news updates.
Also Read:
100,000 WordPress Sites Impacted with Cross-Site Scripting(XSS) Flaw
Zoom 0day Vulnerability Let Remote Attacker to Execute Arbitrary Code on Victim’s Computer
Cisco has issued a critical security advisory regarding a vulnerability in its Adaptive Security Appliance…
Google has released several security patches for its Chrome browser, addressing critical vulnerabilities that malicious…
Grayscale Investments, a prominent crypto asset manager, has reportedly suffered a data breach affecting 693,635…
A database containing over 1,000 email accounts associated with the National Health Service (NHS) has…
Researchers from Avast have uncovered a vulnerability in the cryptographic schema of the Mallox ransomware,…
A recently discovered vulnerability in Red Hat's NetworkManager, CVE-2024-8260, has raised concerns in the cybersecurity…