1. Home
  2. Mapping Frameworks
  3. Known Exploited Vulnerabilities Home
  4. Citrix NetScaler ADC and NetScaler Gateway Code Injection Vulnerability

Known Exploited Vulnerabilities CVE-2023-6548 Mappings

Improper Control of Generation of Code ('Code Injection') in NetScaler ADC and NetScaler Gateway allows an attacker with access to NSIP, CLIP or SNIP with management interface to perform Authenticated (low privileged) remote code execution on Management Interface.

Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name Notes
CVE-2023-6548 Citrix NetScaler ADC and NetScaler Gateway Code Injection Vulnerability exploitation_technique T1055 Process Injection
Comments
This vulnerability allows for authenticated (low-privilege) remote code execution via code injection.
References
  1. https://digital.nhs.uk/cyber-alerts/2024/cc-4525