Citrix has indicated that an unauthenticated attacker can exploit this flaw to perform arbitrary code execution. Although details from Citrix are minimal, VERT’s research has identified three vulnerable behaviors which combine to enable code execution attacks on the NetScaler/ADC appliance. These flaws ultimately allow the attacker to bypass an authorization constraint to create a file with user-controlled content which can then be processed through a server-side scripting language. Other paths towards code execution may also exist.
All supported product versions of Citrix ADC (formerly NetScaler) and Citrix Gateway are impacted. An attacker can exploit this with access to the web interface for either the ADC/NS IP or the virtual IP used for VPN portals regardless of which features are licensed or configured. A successful exploitation allows the attacker to take complete control of the affected system. Once an attacker has control over the system, they can access private network resources and can further compromise the network by hijacking authenticated user-sessions or stealing user-credentials.