VYPR

NetScaler Gateway

by Citrix Systems

CVEs (16)

  • CVE-2023-4966CriKEVOct 10, 2023
    risk 0.90cvss 9.4epss 1.00

    Sensitive information disclosure in NetScaler ADC and NetScaler Gateway when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA  virtual server.

  • CVE-2025-5777HigKEVJun 17, 2025
    risk 0.78cvss 7.5epss 1.00

    Insufficient input validation leading to memory overread when the NetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server

  • CVE-2023-6549HigKEVJan 17, 2024
    risk 0.70cvss 8.2epss 0.58

    Improper Restriction of Operations within the Bounds of a Memory Buffer in NetScaler ADC and NetScaler Gateway allows Unauthenticated Denial of Service and Out-Of-Bounds Memory Read

  • CVE-2025-5349HigJun 17, 2025
    risk 0.57cvss 8.8epss 0.04

    Improper access control on the NetScaler Management Interface in NetScaler ADC and NetScaler Gateway

  • CVE-2020-8247HigSep 18, 2020
    risk 0.57cvss 8.8epss 0.01

    Citrix ADC and Citrix Gateway 13.0 before 13.0-64.35, Citrix ADC and NetScaler Gateway 12.1 before 12.1-58.15, Citrix ADC 12.1-FIPS before 12.1-55.187, Citrix ADC and NetScaler Gateway 12.0, Citrix ADC and NetScaler Gateway 11.1 before 11.1-65.12, Citrix SD-WAN WANOP 11.2 before…

  • CVE-2024-8535HigNov 12, 2024
    risk 0.53cvss 8.1epss 0.00

    Authenticated user can access unintended user capabilities in NetScaler ADC and NetScaler Gateway if the appliance must be configured as a Gateway (SSL VPN, ICA Proxy, CVPN, RDP Proxy) with KCDAccount configuration for Kerberos SSO to access backend resources OR the…

  • CVE-2024-8534HigNov 12, 2024
    risk 0.53cvss 8.1epss 0.01

    Memory safety vulnerability leading to memory corruption and Denial of Service in NetScaler ADC and Gateway if the appliance must be configured as a Gateway (VPN Vserver) with RDP Feature enabled OR the appliance must be configured as a Gateway (VPN Vserver) and RDP Proxy…

  • CVE-2023-4967HigOct 27, 2023
    risk 0.53cvss 8.2epss 0.01

    Denial of Service in NetScaler ADC and NetScaler Gateway when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA Virtual Server

  • CVE-2024-5491HigJul 10, 2024
    risk 0.49cvss 7.5epss 0.01

    Denial of Service in NetScaler ADC and NetScaler Gateway in NetScaler

  • CVE-2020-8246HigSep 18, 2020
    risk 0.49cvss 7.5epss 0.02

    Citrix ADC and Citrix Gateway 13.0 before 13.0-64.35, Citrix ADC and NetScaler Gateway 12.1 before 12.1-58.15, Citrix ADC 12.1-FIPS before 12.1-55.187, Citrix ADC and NetScaler Gateway 12.0, Citrix ADC and NetScaler Gateway 11.1 before 11.1-65.12, Citrix SD-WAN WANOP 11.2 before…

  • CVE-2019-12044HigMay 22, 2019
    risk 0.49cvss 7.5epss 0.02

    A Buffer Overflow exists in Citrix NetScaler Gateway 10.5.x before 10.5.70.x, 11.1.x before 11.1.59.10, 12.0.x before 12.0.59.8, and 12.1.x before 12.1.49.23 and Citrix Application Delivery Controller 10.5.x before 10.5.70.x, 11.1.x before 11.1.59.10, 12.0.x before 12.0.59.8,…

  • CVE-2023-6548MedKEVJan 17, 2024
    risk 0.48cvss 5.5epss 0.03

    Improper Control of Generation of Code ('Code Injection') in NetScaler ADC and NetScaler Gateway allows an attacker with access to NSIP, CLIP or SNIP with management interface to perform Authenticated (low privileged) remote code execution on Management Interface.

  • CVE-2020-8300MedJun 16, 2021
    risk 0.42cvss 6.5epss 0.03

    Citrix ADC and Citrix/NetScaler Gateway before 13.0-82.41, 12.1-62.23, 11.1-65.20 and Citrix ADC 12.1-FIPS before 12.1-55.238 suffer from improper access control allowing SAML authentication hijack through a phishing attack to steal a valid user session. Note that Citrix ADC or…

  • CVE-2024-5492MedJul 10, 2024
    risk 0.40cvss 6.1epss 0.01

    Open redirect vulnerability allows a remote unauthenticated attacker to redirect users to arbitrary websites in NetScaler ADC and NetScaler Gateway

  • CVE-2019-6485MedFeb 22, 2019
    risk 0.39cvss 5.9epss 0.02

    Citrix NetScaler Gateway 12.1 before build 50.31, 12.0 before build 60.9, 11.1 before build 60.14, 11.0 before build 72.17, and 10.5 before build 69.5 and Application Delivery Controller (ADC) 12.1 before build 50.31, 12.0 before build 60.9, 11.1 before build 60.14, 11.0 before…

  • CVE-2018-18517MedOct 24, 2018
    risk 0.31cvss 4.8epss 0.01

    Citrix NetScaler Gateway 10.5.x before 10.5.69.003, 11.1.x before 11.1.59.004, 12.0.x before 12.0.58.7, and 12.1.x before 12.1.49.1 has XSS.