On January 16, 2024, Citrix published a security bulletin disclosing two zero-day vulnerabilities (CVE-2023-6548 & CVE-2023-6549) being actively exploited in Citrix NetScaler ADC and NetScaler Gateway. CVE-2023-6548 CVSS 5.5 – Medium Actively Exploited? Code injection vulnerability on the Management Interface can result in authenticated Remote Code Execution (RCE) for low-privileged threat actors. · Pre-requisite: … CVE-2023-6548 & CVE-2023-6549: DoS and RCE Vulnerabilities Exploited in Citrix NetScaler ADC and NetScaler Gateway