#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News
DevSecOps

Citrix Gateway | Breaking Cybersecurity News | The Hacker News

Category — Citrix Gateway
Citrix Issues Critical Patches for 11 New Flaws Affecting Multiple Products

Citrix Issues Critical Patches for 11 New Flaws Affecting Multiple Products

Jul 08, 2020
Citrix yesterday issued new security patches for as many as 11 security flaws that affect its Citrix Application Delivery Controller (ADC), Gateway, and SD-WAN WAN Optimization edition (WANOP) networking products. Successful exploitation of these critical flaws could let unauthenticated attackers perform code injection, information disclosure, and even denial-of-service attacks against the gateway or the authentication virtual servers . Citrix confirmed that the aforementioned issues do not impact other virtual servers, such as load balancing and content switching virtual servers. Among the affected Citrix SD-WAN WANOP appliances include models 4000-WO, 4100-WO, 5000-WO, and 5100-WO. The networking vendor also reiterated that these vulnerabilities were not connected to a previously fixed zero-day NetScaler flaw (tagged as CVE-2019-19781 ) that allowed bad actors to perform arbitrary code execution even without proper authentication. It also said there's no evidence ...
Citrix Releases Patches for Critical ADC Vulnerability Under Active Attack

Citrix Releases Patches for Critical ADC Vulnerability Under Active Attack

Jan 20, 2020
Citrix has finally started rolling out security patches for a critical vulnerability in ADC and Gateway software that attackers started exploiting in the wild earlier this month after the company announced the existence of the issue without releasing any permanent fix. I wish I could say, "better late than never," but since hackers don't waste time or miss any opportunity to exploit vulnerable systems, even a short window of time resulted in the compromise of hundreds of Internet exposed Citrix ADC and Gateway systems. As explained earlier on The Hacker News, the vulnerability, tracked as CVE-2019-19781 , is a path traversal issue that could allow unauthenticated remote attackers to execute arbitrary code on several versions of Citrix ADC and Gateway products, as well as on the two older versions of Citrix SD-WAN WANOP. Rated critical with CVSS v3.1 base score 9.8, the issue was discovered by Mikhail Klyuchnikov, a security researcher at Positive Technologies, w...
Webinar: Learn How ASPM Transforms Application Security from Reactive to Proactive

Webinar: Learn How ASPM Transforms Application Security from Reactive to Proactive

Mar 07, 2025Software Security / AppSec
Are you tired of dealing with outdated security tools that never seem to give you the full picture? You're not alone. Many organizations struggle with piecing together scattered information, leaving your apps vulnerable to modern threats. That's why we're excited to introduce a smarter, unified approach: Application Security Posture Management (ASPM). ASPM brings together the best of both worlds by connecting your code insights with real-time runtime data. This means you get a clear, holistic view of your application's security. Instead of reacting to threats, ASPM helps you prevent them. Imagine reducing costly retrofits and emergency patches with a proactive, shift-left strategy—saving you time, money, and stress. Join Amir Kaushansky, Director of Product Management at Palo Alto Networks, as he walks you through how ASPM is changing the game. In this free webinar , you'll learn to: Close the Security Gaps: Understand why traditional AppSec tools fall short and how ASPM fills ...
PoC Exploits Released for Citrix ADC and Gateway RCE Vulnerability

PoC Exploits Released for Citrix ADC and Gateway RCE Vulnerability

Jan 11, 2020
It's now or never to prevent your enterprise servers running vulnerable versions of Citrix application delivery, load balancing, and Gateway solutions from getting hacked by remote attackers. Why the urgency? Earlier today, multiple groups publicly released weaponized proof-of-concept exploit code [ 1 , 2 ] for a recently disclosed remote code execution vulnerability in Citrix's NetScaler ADC and Gateway products that could allow anyone to leverage them to take full control over potential enterprise targets. Just before the last Christmas and year-end holidays, Citrix announced that its Citrix Application Delivery Controller (ADC) and Citrix Gateway are vulnerable to a critical path traversal flaw (CVE-2019-19781) that could allow an unauthenticated attacker to perform arbitrary code execution on vulnerable servers. Citrix confirmed that the flaw affects all supported version of the software, including: Citrix ADC and Citrix Gateway version 13.0 all supported build...
cyber security

Transformative Cybersecurity Training at SANS Security West 2025

websiteSANS Securityhttps://thehackernews.uk/sank-security-west-2025
To defend & protect critical systems, hands-on skills make all the difference. Learn in person to unlock extra practice & NetWars!
Cybersecurity
Expert Insights / Articles Videos
Cybersecurity Resources