CVE-2015-5080 – Vulnerability in Citrix NetScaler Application Deliver Controller and NetScaler Gateway Management Interface Could Result in Arbitrary Command Injection

Customers should ensure that their deployments follow the Citrix Secure Deployment Guide (

New versions of the Citrix NetScaler ADC firmware and NetScaler Gateway software have been released to address this vulnerability. Citrix recommends that affected customers upgrade to a version of the NetScaler appliance firmware that contains the fix for this issue as soon as they are able to do so.

This vulnerability has been addressed in the following firmware versions:

  • Citrix NetScaler ADC and Gateway version 10.5 Build 56.15 and 10.5.e Build 56.1505.e and later
  • Citrix NetScaler ADC and Gateway version 10.1 Build 132.8 and later

These versions can be obtained from the following locations:

NetScaler ADC Firmware

NetScaler ADC Virtual Appliance

NetScaler Gateway Product Software


Leave a Reply