NetScaler ADC and NetScaler Gateway Race Condition (CTX696300 / CVE-2026-4368)

The remote NetScaler ADC formerly Citrix ADC or NetScaler Gateway formerly Citrix Gateway device is version 14.1-66.54. It is, therefore, affected by a vulnerability: - Race Condition in NetScaler ADC and NetScaler Gateway when appliance is configured as Gateway SSL VPN, ICA Proxy, CVPN, RDP Prox...

EUVD-2026-14547

Race Condition in NetScaler ADC and NetScaler Gateway when appliance is configured as Gateway SSL VPN, ICA Proxy, CVPN, RDP Proxy or AAA virtual server leading to User Session Mixup...

CVE-2026-4368 Race Condition leading to User Session Mixup

Race Condition in NetScaler ADC and NetScaler Gateway when appliance is configured as Gateway SSL VPN, ICA Proxy, CVPN, RDP Proxy or AAA virtual server leading to User Session Mixup...

NetScaler ADC and NetScaler Gateway XSS (CTX695486)

The remote NetScaler ADC formerly Citrix ADC or NetScaler Gateway formerly Citrix Gateway device is version 14.1 prior to 14.1-56.73, 13.1 prior to 13.1-60.32, 13.1-FIPS prior to 13.1-37.250-FIPS, or 12.1-FIPS prior to 12.1-55.333-FIPS. It is, therefore, affected by a cross-site scripting...

CVE-2025-12101

Cross-Site Scripting XSS in NetScaler ADC and NetScaler Gateway when the appliance is configured as a Gateway VPN virtual server, ICA Proxy, CVPN, RDP Proxy OR AAA virtual server...

EUVD-2025-84344

Cross-Site Scripting XSS in NetScaler ADC and NetScaler Gateway when the appliance is configured as a Gateway VPN virtual server, ICA Proxy, CVPN, RDP Proxy OR AAA virtual server...

CVE-2025-12101 Cross-Site Scripting (XSS)

Cross-Site Scripting XSS in NetScaler ADC and NetScaler Gateway when the appliance is configured as a Gateway VPN virtual server, ICA Proxy, CVPN, RDP Proxy OR AAA virtual server...

CVE-2025-12101 Cross-Site Scripting (XSS)

Cross-Site Scripting XSS in NetScaler ADC and NetScaler Gateway when the appliance is configured as a Gateway VPN virtual server, ICA Proxy, CVPN, RDP Proxy OR AAA virtual server...

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Citrix Netscaler_Application_Delivery_Controller

CVE-2025-7775 Memory overflow vulnerability leading to Remote...

CVE-2025-7775

Memory overflow vulnerability leading to Remote Code Execution and/or Denial of Service in NetScaler ADC and NetScaler Gateway when NetScaler is configured as Gateway VPN virtual server, ICA Proxy, CVPN, RDP Proxy or AAA virtual server OR NetScaler ADC and NetScaler Gateway 13.1, 14.1, 13.1-FIPS...

CVE-2025-7775 Memory overflow vulnerability leading to Remote Code Execution and/or Denial of Service

Memory overflow vulnerability leading to Remote Code Execution and/or Denial of Service in NetScaler ADC and NetScaler Gateway when NetScaler is configured as Gateway VPN virtual server, ICA Proxy, CVPN, RDP Proxy or AAA virtual server OR NetScaler ADC and NetScaler Gateway 13.1, 14.1, 13.1-FIPS...

Netscaler-13.1-Security scanner reported "Cacheable SSL Page Found" for gateway virtual server

Security scanner reported "Cacheable SSL Page Found" for gateway virtual server. The detailed content reported by the scanner is as below: ------------------------------ The application has responded with a response that indicates the page should be cached, but cache controls aren't set you can...

NetScaler Gateway-13.1-Launching ICA session got stuck with client authentication enabled

You may stuck at the ICA session launching process when you enable client authentication in Gateway virtual server...

Citrix ADC and NetScaler Gateway Security Vulnerabilities

Citrix Systems Citrix ADC and NetScaler Gateway is an application delivery controller from Citrix Systems, Inc. A security vulnerability exists in NetScaler ADC and NetScaler Gateway that originates from a denial of service vulnerability when configured as a gateway or AAA virtual server...

How to check the current TCP connection number of Gateway virtual server

It's not possible to check the current TCP connection number for gateway virtual server on NetScaler GUI, but it can be checked on the NetScaler CLI...

VulnCheck KEV: CVE-2023-4966

Citrix NetScaler ADC and NetScaler Gateway contain a buffer overflow vulnerability that allows for sensitive information disclosure when configured as a Gateway VPN virtual server, ICA Proxy, CVPN, RDP Proxy or AAA virtual server...