CVE-2025-12101

The CVE-2025-12101 XSS exists in NetScaler ADC and NetScaler Gateway when configured as a Gateway or AAA virtual server. The root cause is improper neutralization of input in the application’s RelayState handling, enabling arbitrary scripts to run in user views (CSRF potential noted by some sourc...

Vulnerability fixed in Check Point VPN products

Check Point has fixed a vulnerability in Quantum Gateway VPN systems. Check Point reports observing active abuse attempts. A path-traversal bug allows a malicious party to gain access to the username and password credentials of local accounts on the VPN system. If these local accounts, are...

CVE-2023-4967

Denial of Service in NetScaler ADC and NetScaler Gateway when configured as a Gateway VPN virtual server, ICA Proxy, CVPN, RDP Proxy or AAA Virtual Server...

[VPN Plugin] Transfer Login keeps Loading with Non-English language setting

In Citrix Gateway VPN environment, you may observe the following issue when "Transfer Login": After clicking "Transfer" on Client VPN plugin, the button keepsspinning loading and stuck. Logs investigation show the following clues: Problem can only be observed in Non-English language setting Plugi...

Zyxel UTM and Zyxel Gateway VPN series Buffer Error Vulnerability

Welkin Technology Zyxel UTM is a unified threat management appliance from Welkin Technology, China. Welkin Technologies Zyxel Gateway VPN series is a series of VPN routers from Welkin Technologies, China that provide secure access. VPNs supported by this router include IPSec, L2TP over IPSec, PPT...

NetScaler Gateway 11.0 VPN Client and EPA Plug-in Does Not Work With Chrome Version 42 and Later

The Client and EPA Plug-ins don't work with the latest Chrome versions as support for NPAPI is disabled by default. The support will be deprecated entirely in Chrome version 45 in September 2015. From Chrome version 42, all NPAPI plugins will appear as if they are not installed. This will affect...