Security News > 2023 > October > Citrix Devices Under Attack: NetScaler Flaw Exploited to Capture User Credentials
2023-10-10 05:52
A recently disclosed critical flaw in Citrix NetScaler ADC and Gateway devices is being exploited by threat actors to conduct a credential harvesting campaign. IBM X-Force, which uncovered the activity last month, said adversaries exploited "CVE-2023-3519 to attack unpatched NetScaler Gateways to insert a malicious script into the HTML content of the authentication web page to capture user
News URL
https://thehackernews.com/2023/10/citrix-devices-under-attack-netscaler.html
Related news
- PetSmart warns of credential stuffing attacks trying to hack accounts (source)
- Retail chain Hot Topic hit by new credential stuffing attacks (source)
- Roku warns 576,000 accounts hacked in new credential stuffing attacks (source)
- Okta warns of "unprecedented" credential stuffing attacks on customers (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-07-19 | CVE-2023-3519 | Code Injection vulnerability in Citrix products Unauthenticated remote code execution | 9.8 |