CVE-2014-7140

Citrix NetScaler <10.1-129.11, <10.5-50.10 - RCE

Title source: llm

Description

Unspecified vulnerability in the management interface in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway 10.x before 10.1-129.11 and 10.5 before 10.5-50.10 allows remote attackers to execute arbitrary code via unknown vectors.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Metasploit · rubyremotebsd

https://www.exploit-db.com/exploits/35180

View Code ZIP pw:eip

References (2)

[Vendor Advisory] http://support.citrix.com/article/CTX200206

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id/1031129

Scores

EPSS 0.0770

EPSS Percentile 91.9%

Details

Status published

Products (3)

citrix/netscaler_application_delivery_controller_firmware 10.0

citrix/netscaler_application_delivery_controller_firmware 10.1

citrix/netscaler_application_delivery_controller_firmware 10.5

Published Oct 21, 2014

Tracked Since Feb 18, 2026