CVE-2023-3519
9.8CRITICALUnauthenticated remote code execution
Published: 7/19/2023Updated: 10/24/2025
CISA Known Exploited Vulnerability
Citrix NetScaler ADC and NetScaler Gateway contains a code injection vulnerability that allows for unauthenticated remote code execution.
Required Action:
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Due Date:
2023-08-09
Known Ransomware Use
Description
Unauthenticated remote code execution
AI AnalysisPowered by AI
Affected Products
citrixnetscaler_application_delivery_controller
citrixnetscaler_application_delivery_controller
citrixnetscaler_application_delivery_controller
citrixnetscaler_application_delivery_controller
citrixnetscaler_application_delivery_controller
citrixnetscaler_gateway
citrixnetscaler_gateway
References
- http://packetstormsecurity.com/files/173997/Citrix-ADC-NetScaler-Remote-Code-Execution.htmlExploitThird Party AdvisoryVDB Entry
- https://support.citrix.com/article/CTX561482/citrix-adc-and-citrix-gateway-security-bulletin-for-cve20233519-cve20233466-cve20233467Vendor Advisory
- http://packetstormsecurity.com/files/173997/Citrix-ADC-NetScaler-Remote-Code-Execution.htmlExploitThird Party AdvisoryVDB Entry
- https://support.citrix.com/article/CTX561482/citrix-adc-and-citrix-gateway-security-bulletin-for-cve20233519-cve20233466-cve20233467Vendor Advisory
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-3519US Government Resource