Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-7775

Memory overflow vulnerability leading to Remote Code Execution and/or Denial of Service in NetScaler ADC and NetScaler Gateway when NetScaler is configured as Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server (OR) NetScaler ADC and NetScaler Gateway 13.1, 14.1, 13.1-FIPS and NDcPP: LB virtual servers of type (HTTP, SSL or HTTP_QUIC) bound with IPv6 services or servicegroups bound with IPv6 servers (OR) NetScaler ADC and NetScaler Gateway 13.1, 14.1, 13.1-FIPS and NDcPP: LB virtual servers of type (HTTP, SSL or HTTP_QUIC) bound with DBS IPv6 services or servicegroups bound with IPv6 DBS servers (OR) CR virtual server with type HDX

Published

2025-08-26T13:15:32.870

Last Modified

2025-08-27T14:26:22.103

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 9.8 (CRITICAL)

Weaknesses

Type: Secondary
CWE-119

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	citrix	netscaler_application_delivery_controller	< 12.1-55.330	Yes
Application	citrix	netscaler_application_delivery_controller	< 12.1-55.330	Yes
Application	citrix	netscaler_application_delivery_controller	< 13.1-37.241	Yes
Application	citrix	netscaler_application_delivery_controller	< 13.1-37.241	Yes
Application	citrix	netscaler_application_delivery_controller	< 13.1-59.22	Yes
Application	citrix	netscaler_application_delivery_controller	< 14.1-47.48	Yes
Application	citrix	netscaler_gateway	< 13.1-59.22	Yes
Application	citrix	netscaler_gateway	< 14.1-47.48	Yes

References

https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX694938 Vendor Advisory ([email protected])