Security News > 2024 > January > Two more Citrix NetScaler bugs exploited in the wild

Two vulnerabilities in NetScaler's ADC and Gateway products have been fixed - but not before criminals found and exploited them, according to the vendor.

The flaws only affected customer-managed NetScaler ADC and NetScaler Gateway, so customers using Netscaler-managed services don't have to worry about any of this.

Citrix/Netscaler history Citrix acquired Netscaler in 2005 and retained the Netscaler name for its products.

Once Citrix merged with Tibco in 2022, Netscaler became one of the brands operated by the Cloud Software Group, which reconstituted it as a standalone business.

Netscaler's security and support ops remain entangled with that of Citrix, which probably explains why flaws in Netscaler products are named for Citrix and technical docs about Netscaler products appear at Citrix.com.

Citrix Bleed, of course, is the critical information-disclosure bug that also affects NetScaler ADC and NetScaler Gateway.

News URL

https://go.theregister.com/feed/www.theregister.com/2024/01/18/citrix_netscaler_bugs_attacked/