Netscaler Application Delivery Controller Security Vulnerabilities and Issues — Netscaler Application Delivery Controller CVE List

Lucene search

CitrixNetscaler Application Delivery Controller

20 matches found

CVE•added 2024/07/10 7:15 p.m.•7381 views

CVE-2024-5491

Denial of Service in NetScaler ADC and NetScaler Gateway in NetScaler

7.5CVSS6.6AI score0.00313EPSS

CVE•added 2024/07/10 7:15 p.m.•7381 views

CVE-2024-5492

Open redirect vulnerability allows a remote unauthenticated attacker to redirect users to arbitrary websites in NetScaler ADC and NetScaler Gateway

6.1CVSS7.1AI score0.0012EPSS

CVE•added 2024/11/12 7:15 p.m.•3670 views

CVE-2024-8534

Memory safety vulnerability leading to memory corruption and Denial of Service in NetScaler ADC and Gateway if the appliance must be configured as a Gateway (VPN Vserver) with RDP Feature enabled OR the appliance must be configured as a Gateway (VPN Vserver) and RDP Proxy Server Profile is created ...

8.4CVSS6.9AI score0.00389EPSS

CVE•added 2023/07/19 6:15 p.m.•1652 views

CVE-2023-3519

Unauthenticated remote code execution

9.8CVSS10AI score0.89603EPSS

CVE•added 2023/10/10 2:15 p.m.•1000 views

CVE-2023-4966

Sensitive information disclosure in NetScaler ADC and NetScaler Gateway when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server.

9.4CVSS8.6AI score0.94348EPSS

CVE•added 2024/01/17 9:15 p.m.•484 views

CVE-2023-6549

Improper Restriction of Operations within the Bounds of a Memory Buffer in NetScaler ADC and NetScaler Gateway allows Unauthenticated Denial of Service and Out-Of-Bounds Memory Read

8.2CVSS7.7AI score0.10931EPSS

CVE•added 2024/01/17 8:15 p.m.•296 views

CVE-2023-6548

Improper Control of Generation of Code ('Code Injection') in NetScaler ADC and NetScaler Gateway allows an attacker with access to NSIP, CLIP or SNIP with management interface to perform Authenticated (low privileged) remote code execution on Management Interface.

8.8CVSS8.8AI score0.23433EPSS

CVE•added 2023/10/27 7:15 p.m.•220 views

CVE-2023-4967

Denial of Service in NetScaler ADC and NetScaler Gateway when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA Virtual Server

8.2CVSS7.7AI score0.00439EPSS

CVE•added 2025/06/17 1:15 p.m.•194 views

CVE-2025-5777

Insufficient input validation leading to memory overread when the NetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server

9.3CVSS9.6AI score0.22491EPSS

CVE•added 2023/07/19 7:15 p.m.•133 views

CVE-2023-3467

Privilege Escalation to root administrator (nsroot)

8CVSS8.7AI score0.00533EPSS

CVE•added 2023/07/19 7:15 p.m.•121 views

CVE-2023-3466

Reflected Cross-Site Scripting (XSS)

8.3CVSS7.2AI score0.01569EPSS

CVE•added 2025/06/25 1:15 p.m.•93 views

CVE-2025-6543

Memory overflow vulnerability leading to unintended control flow and Denial of Service in NetScaler ADC and NetScaler Gateway when configured as Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server

9.8CVSS7.4AI score0.03844EPSS

CVE•added 2018/03/01 5:29 p.m.•77 views

CVE-2018-5314

Command injection vulnerability in Citrix NetScaler ADC and NetScaler Gateway 11.0 before build 70.16, 11.1 before build 55.13, and 12.0 before build 53.13; and the NetScaler Load Balancing instance distributed with NetScaler SD-WAN/CloudBridge 4000, 4100, 5000 and 5100 WAN Optimization Edition 9.3...

7.5CVSS7.8AI score0.03479EPSS

CVE•added 2024/11/12 7:15 p.m.•57 views

CVE-2024-8535

Authenticated user can access unintended user capabilities in NetScaler ADC and NetScaler Gateway if the appliance must be configured as a Gateway (SSL VPN, ICA Proxy, CVPN, RDP Proxy) with KCDAccount configuration for Kerberos SSO to access backend resources OR the appliance must be configured as ...

8.1CVSS6.5AI score0.00223EPSS

CVE•added 2017/08/02 7:29 p.m.•55 views

CVE-2015-3642

The TLS and DTLS processing functionality in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway devices with firmware 9.x before 9.3 Build 68.5, 10.0 through Build 78.6, 10.1 before Build 130.13, 10.1.e before Build 130.1302.e, 10.5 before Build 55.8, and 10.5.e before Bui...

5.9CVSS4.6AI score0.94084EPSS

CVE•added 2014/05/01 5:28 p.m.•49 views

CVE-2014-2881

Unspecified vulnerability in the Diffie-Hellman key agreement implementation in the management GUI Java applet in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 9.3-66.5 and 10.x before 10.1-122.17 has unknown impact and vectors.

10CVSS6.7AI score0.00421EPSS

CVE•added 2014/07/16 2:19 p.m.•44 views

CVE-2014-4347

Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway (formerly Access Gateway Enterprise Edition) before 9.3-62.4 and 10.x before 10.1-126.12 allows attackers to obtain sensitive information via vectors related to a cookie.

5CVSS5.9AI score0.00978EPSS

CVE•added 2013/10/04 5:55 p.m.•43 views

CVE-2013-6011

Citrix NetScaler Application Delivery Controller (ADC) 10.0 before 10.0-76.7 allows remote attackers to cause a denial of service (nsconfigd crash and appliance reboot) via a crafted request.

7.8CVSS6.7AI score0.0064EPSS

CVE•added 2014/07/16 2:19 p.m.•43 views

CVE-2014-4346

Cross-site scripting (XSS) vulnerability in administration user interface in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway (formerly Access Gateway Enterprise Edition) 10.1 before 10.1-126.12 allows remote attackers to inject arbitrary web script or HTML via unspecifi...

4.3CVSS5.7AI score0.00834EPSS

CVE•added 2014/05/01 5:28 p.m.•41 views

CVE-2014-2882

Unspecified vulnerability in the management GUI in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 9.3-66.5 and 10.x before 10.1-122.17 has unspecified impact and vectors, related to certificate validation.

10CVSS6.7AI score0.00226EPSS