Unauthorised users able to perform 'arbitrary code execution'
A critical vulnerability found in Citrix Application Delivery Controller and Citrix Gateway (formerly known as Netscaler ADC and Netscaler Gateway) means businesses with apps published using these technologies may be exposing their internal network to unauthorised access.
Citrix (NetScaler) ADC is a load balancer and monitoring tech, while Unified Gateway provides remote access to internal applications. This can include desktop applications as well as intranet or web applications. "Any application on any device from any location" is the marketing pitch.
On 17 December, Citrix published an advisory stating that a vulnerability in these services "could allow an unauthenticated attacker to perform arbitrary code execution."
According to Positive Technologies, the security company which discovered the flaw, no account details are required. Positive says the " ..
Support the originator by clicking the read the rest link below.
