Hundreds of Citrix endpoints compromised with webshells. Zero-day exploit enables webshells to be installed on around 600 Citrix servers. Germany, France, and Switzerland have the highest number of impacted IPs. Citrix patched the vulnerability CVE-2023-3519 but exploits have still been observed. Other vulnerabilities patched include CVE-2023-3466 and CVE-2023-3467. The Shadowserver Foundation alerted Citrix users to the campaign. Over 15,000 NetScaler ADC and NetScaler Gateway servers were at risk. The zero-day was originally exploited in an attack on a US critical infrastructure organization. Hashtags: #Citrix #Webshells #ZeroDay #Vulnerabilities

https://www.infosecurity-magazine.com/news/hundreds-citrix-compromised/