24 matches found
CVE-2024-5491
CVE-2024-5491 affects Citrix NetScaler ADC and NetScaler Gateway. The security bulletin CTX677944 details that the following ranges are vulnerable when using affected builds: NetScaler ADC/Gateway 14.1 before 14.1-25.53; 13.1 before 13.1-53.17; 13.0 before 13.0-92.31; 13.1-FIPS before 13.1-37.183...
CVE-2024-5492
CVE-2024-5492 is an open redirect vulnerability in Citrix NetScaler ADC and NetScaler Gateway (remote unauthenticated attacker) described in the CTX677944 advisory. Affected versions include NetScaler ADC/Gateway 14.1 before 14.1-25.53, 13.1 before 13.1-53.17, 13.0 before 13.0-92.31, 13.1-FIP...
CVE-2024-8534
Summary: CVE-2024-8534 is a memory safety vulnerability in Citrix NetScaler ADC and NetScaler Gateway that can cause memory corruption and Denial of Service when the device is configured as a Gateway/VPN Vserver with RDP features enabled (or with an RDP Proxy Server Profile) or when the Auth Serv...
CVE-2023-3519
CVE-2023-3519 is an unauthenticated remote code execution in Citrix NetScaler ADC/Gateway. Exploitation enables an attacker with network access to run arbitrary code, potentially deploy web shells and fully compromise affected systems. Public advisories and multiple connected documents describe a...
CVE-2023-4966
CVE-2023-4966 affects Citrix NetScaler ADC and NetScaler Gateway when configured as a Gateway or AAA virtual server. The issue stems from improper usage of snprintf/memory handling in the WebProc/auth pathways, causing memory disclosure via crafted responses and exposing sensitive data (e.g., aut...
CVE-2023-6549
CVE-2023-6549: A memory-buffer boundary violation in Citrix NetScaler ADC and NetScaler Gateway allows unauthenticated denial of service and an out-of-bounds memory read when the appliance is configured as a gateway or AAA virtual server. Affected versions include NetScaler ADC/Gateway 14.1 befo...
CVE-2025-7775
CVE-2025-7775 is a memory overflow vulnerability in Citrix NetScaler ADC and NetScaler Gateway. The CVE affects deployments where the appliance is configured as a Gateway (VPN VServer, ICA Proxy, CVPN, RDP Proxy) or AAA VServer, and also affects LB virtual servers of type HTTP, SSL, or HTTP_QUIC ...
CVE-2023-6548
CVE-2023-6548 is a Code Injection vulnerability in Citrix NetScaler ADC and NetScaler Gateway. The issue allows authenticated remote code execution on the management interface (NSIP/CLIP/SNIP) due to improper generation of code, affecting the management plane. Exploitation has been observed in th...
CVE-2025-5777
CVE-2025-6543 is a memory overflow vulnerability in Citrix NetScaler ADC and NetScaler Gateway that can cause unintended control flow and Denial of Service when the appliance is configured as Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server. The Citrix security bulle...
CVE-2023-4967
CVE-2023-4967 affects Citrix NetScaler ADC and NetScaler Gateway. The issue is a Denial of Service when the appliance is configured as a Gateway (VPN/VPN-like services) or AAA virtual server. Connected documents confirm the vulnerability scope and link to Citrix advisory CTX579459, which details ...
CVE-2025-6543
CVE-2025-6543 affects Citrix NetScaler ADC and NetScaler Gateway. The vulnerability is a memory overflow in the WebProc/AAA gateway flow triggered when processing the Host header via the /nf/auth/startwebview.do path, causing uncontrolled memory access that can lead to a Denial of Service and uni...
CVE-2023-3467
Citrix CTX561482 documents CVE-2023-3467 as part of multiple vulnerabilities affecting NetScaler ADC/Gateway. It is a Privilege Escalation to root administrator (nsroot) vulnerability. Affected versions (per the bulletin) include NetScaler ADC/Gateway 13.1 before 13.1-49.13, 13.0 before 13.0-91.1...
CVE-2023-3466
CVE-2023-3466 is a reflected Cross-Site Scripting (XSS) vulnerability affecting Citrix NetScaler ADC and NetScaler Gateway. According to Citrix CTX561482, affected versions include NetScaler ADC/Gateway 13.1 before 13.1-49.13, 13.0 before 13.0-91.13, 13.1-FIPS before 13.1-37.159, 12.1-FIPS before...
CVE-2018-5314
CVE-2018-5314 affects Citrix NetScaler ADC and NetScaler Gateway (11.0/11.1/12.0) and the NetScaler LB instance in SD-WAN/CloudBridge 9.3.0, allowing a remote attacker to execute system commands or read files via an SSH login prompt. Affected versions and fixes are documented in Citrix advisories...
CVE-2025-5349
The CVE-2025-5349 issue is an Improper Access Control vulnerability in the NetScaler Management Interface of Citrix NetScaler ADC and NetScaler Gateway. Connected sources specify that exploitation would allow unauthorized access to management interfaces via NSIP/Cluster Management IP/GSLB Site IP...
CVE-2015-3642
Technical details for CVE-2015-3642 are not publicly available in the provided documents; monitor for updates.
CVE-2024-8535
Affected products: Citrix NetScaler ADC and NetScaler Gateway. Vulnerability: Authenticated users can access unintended user capabilities when the appliance is configured as a Gateway (SSL VPN, ICA Proxy, CVPN, RDP Proxy) with Kerberos SSO using a KCDAccount, or as an Auth Server (AAA Vserver) wi...
CVE-2014-2881
The CVE-2014-2881 issue affects Citrix NetScaler devices (ADC and NetScaler Gateway) where the Diffie-Hellman key exchange in the management GUI Java applet uses a weak RNG. The root cause is use of java.util.Random to generate secret values, with known predictors and small seed sizes (32/48 bits...
CVE-2025-7776
CVE-2025-7776 is a memory overflow vulnerability in Citrix NetScaler ADC/NetScaler Gateway. Appliances are affected when Gateway or AAA Vservers are used and a PCoIP Profile is bound to the NetScaler, enabling memory corruption that leads to unpredictable behavior and Denial of Service. Remediation requires upg...
CVE-2014-4347
Citrix NetScaler ADC and NetScaler Gateway (formerly Access Gateway) are affected by CVE-2014-4347. The vulnerability allows attackers to obtain sensitive information via cookie-related vectors on versions before 9.3-62.4 and 10.x before 10.1-126.12. Technical detail from SEC Consult and corrobor...
CVE-2014-4346
CVE-2014-4346 is a cross-site scripting (XSS) vulnerability affecting Citrix NetScaler ADC/Gateway administration UI. SEC Consult and related sources indicate vulnerable releases include Citrix NetScaler VPX 10.0 and all 10.1 before 10.1-126.12, and 9.3 before 9.3-62.4. Fixed versions are 9.3-62....
CVE-2026-3055
CVE-2026-3055 affects Citrix NetScaler ADC/NetScaler Gateway when configured as a SAML IDP, causing a memory overread due to insufficient input validation. Affected versions per Nessus plugin: NetScaler ADC/Gateway 14.1 prior to 14.1-66.59; 13.1 prior to 13.1-62.23; and 13.1-FIPS/NDcPP prior to 1...
CVE-2013-6011
CVE-2013-6011 affects Citrix NetScaler (ADC) 10.0 prior to 10.0-76.7, where a crafted request can remotely trigger a denial of service by crashing nsconfigd and rebooting the appliance. The NVD and multiple sources consistently describe an unauthenticated remote DoS vector via the nsconfigd daemo...
CVE-2014-2882
CVE-2014-2882 affects Citrix NetScaler management GUI; the SSL context assigns an empty trust manager, causing certificate validation to be bypassed and any certificate to be accepted. Affected versions are NetScaler ADC/Gateway prior to 9.3-66.5 and 10.x prior to 10.1-122.17. Affected via the ma...