A vulnerability in Citrix Application Delivery Controller (ADC), Citrix Gateway, and Citrix SD-WAN WANOP appliances could enable remote attackers to execute arbitrary code. Attackers could exploit this flaw by sending a crafted request to a vulnerable Citrix SD-WAN WANOP appliance, resulting in arbitrary code execution. This could lead to full system compromise, potentially impacting integrity, availability, and confidentiality
Citrix has released security updates to address this vulnerability, urging users to apply the patches as soon as possible to mitigate the risk of exploitation. Organizations are advised to implement network segregation and access controls to prevent potential attacks targeting these products. https://www.cert.ssi.gouv.fr/pdf/CERTFR-2024-AVI-0419.pdf