Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2014-7140Citrix Netscaler Application Delivery Controller Firmware vulnerability

5 documents4 sources
Severity
7.5HIGHNVD
EPSS
7.7%
top 8.06%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
9
Citrix Netscaler Application Delivery Controller FirmwareCitrix ADMCitrix Hypervisor+6 more
Timeline
PublishedOct 21
Latest updateMay 17

Description

Unspecified vulnerability in the management interface in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway 10.x before 10.1-129.11 and 10.5 before 10.5-50.10 allows remote attackers to execute arbitrary code via unknown vectors.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages9 packages

🔴Vulnerability Details

1
GHSA
GHSA-62mp-vmwr-c2jw: Unspecified vulnerability in the management interface in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway 102022-05-17

💥Exploits & PoCs

1
Exploit-DB
Citrix Netscaler SOAP Handler - Remote Code Execution (Metasploit)2014-11-06

📋Vendor Advisories

2
Citrix
CVE-2014-7140: Unspecified vulnerability in the management interface in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway 10.x before 10.12014-10-21
Citrix
Citrix Security Bulletin CTX200206