Citrix: >> Netscaler Gateway Security Vulnerabilities
Memory overflow vulnerability leading to unpredictable or erroneous behavior and Denial of Service in NetScaler ADC and NetScaler Gateway when NetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) with PCoIP Profile bounded to it
CVSS Score
9.8
EPSS Score
0.001
Published
2025-08-26
CVE-2025-7775
Memory overflow vulnerability leading to Remote Code Execution and/or Denial of Service in NetScaler ADC and NetScaler Gateway when NetScaler is configured as Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server
(OR)
NetScaler ADC and NetScaler Gateway 13.1, 14.1, 13.1-FIPS and NDcPP: LB virtual servers of type (HTTP, SSL or HTTP_QUIC) bound with IPv6 services or servicegroups bound with IPv6 servers
(OR)
NetScaler ADC and NetScaler Gateway 13.1, 14.1, 13.1-FIPS and NDcPP: LB virtual servers of type (HTTP, SSL or HTTP_QUIC) bound with DBS IPv6 services or servicegroups bound with IPv6 DBS servers
(OR)
CR virtual server with type HDX
Known exploited
CVSS Score
9.8
EPSS Score
0.123
Published
2025-08-26
CVE-2025-6543
Memory overflow vulnerability leading to unintended control flow and Denial of Service in NetScaler ADC and NetScaler Gateway when configured as Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server
Known exploited
CVSS Score
9.8
EPSS Score
0.039
Published
2025-06-25
Improper access control on the NetScaler Management Interface in NetScaler ADC and NetScaler Gateway
CVSS Score
8.8
EPSS Score
0.001
Published
2025-06-17
CVE-2025-5777
Insufficient input validation leading to memory overread when the NetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server
Known exploited
CVSS Score
7.5
EPSS Score
0.478
Published
2025-06-17
Authenticated user can access unintended user capabilities in NetScaler ADC and NetScaler Gateway if the appliance must be configured as a Gateway (SSL VPN, ICA Proxy, CVPN, RDP Proxy) with KCDAccount configuration for Kerberos SSO to access backend resources OR the appliance must be configured as an Auth Server (AAA Vserver) with KCDAccount configuration for Kerberos SSO to access backend resources
CVSS Score
8.1
EPSS Score
0.003
Published
2024-11-12
Memory safety vulnerability leading to memory corruption and Denial of Service in NetScaler ADC and Gateway if the appliance must be configured as a Gateway (VPN Vserver) with RDP Feature enabled OR the appliance must be configured as a Gateway (VPN Vserver) and RDP Proxy Server Profile is created and set to Gateway (VPN Vserver) OR the appliance must be configured as a Auth Server (AAA Vserver) with RDP Feature enabled
CVSS Score
8.1
EPSS Score
0.005
Published
2024-11-12
Denial of Service in NetScaler ADC and NetScaler Gateway in NetScaler
CVSS Score
7.5
EPSS Score
0.004
Published
2024-07-10
Open redirect vulnerability allows a remote unauthenticated attacker to redirect users to arbitrary websites in NetScaler ADC and NetScaler Gateway
CVSS Score
6.1
EPSS Score
0.006
Published
2024-07-10
CVE-2023-6549
Improper Restriction of Operations within the Bounds of a Memory Buffer in NetScaler ADC and NetScaler Gateway allows Unauthenticated Denial of Service and Out-Of-Bounds Memory Read
Known exploited
CVSS Score
8.2
EPSS Score
0.163
Published
2024-01-17
Page 1