Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-2m4h-vp37-6746

Опубликовано: 26 авг. 2025
Источник: github
Github: Не прошло ревью
CVSS4: 9.2
CVSS3: 9.8

Описание

Memory overflow vulnerability leading to Remote Code Execution and/or Denial of Service in NetScaler ADC and NetScaler Gateway when NetScaler is configured as Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server

(OR)

NetScaler ADC and NetScaler Gateway 13.1, 14.1, 13.1-FIPS and NDcPP: LB virtual servers of type (HTTP, SSL or HTTP_QUIC) bound with IPv6 services or servicegroups bound with IPv6 servers

(OR)

NetScaler ADC and NetScaler Gateway 13.1, 14.1, 13.1-FIPS and NDcPP: LB virtual servers of type (HTTP, SSL or HTTP_QUIC) bound with DBS IPv6 services or servicegroups bound with IPv6 DBS servers

(OR)

CR virtual server with type HDX

Memory overflow vulnerability leading to Remote Code Execution and/or Denial of Service in NetScaler ADC and NetScaler Gateway when NetScaler is configured as Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server

(OR)

NetScaler ADC and NetScaler Gateway 13.1, 14.1, 13.1-FIPS and NDcPP: LB virtual servers of type (HTTP, SSL or HTTP_QUIC) bound with IPv6 services or servicegroups bound with IPv6 servers

(OR)

NetScaler ADC and NetScaler Gateway 13.1, 14.1, 13.1-FIPS and NDcPP: LB virtual servers of type (HTTP, SSL or HTTP_QUIC) bound with DBS IPv6 services or servicegroups bound with IPv6 DBS servers

(OR)

CR virtual server with type HDX

Ссылки

EPSS

Процентиль: 93%
0.09673
Низкий

9.2 Critical

CVSS4

9.8 Critical

CVSS3

CVE ID

CVE-2025-7775

Дефекты

CWE-119

Связанные уязвимости

nvd логотип

CVE-2025-7775

CVSS3: 9.8
nvd
8 дней назад

Memory overflow vulnerability leading to Remote Code Execution and/or Denial of Service in NetScaler ADC and NetScaler Gateway when NetScaler is configured as Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server (OR) NetScaler ADC and NetScaler Gateway 13.1, 14.1, 13.1-FIPS and NDcPP: LB virtual servers of type (HTTP, SSL or HTTP_QUIC) bound with IPv6 services or servicegroups bound with IPv6 servers (OR) NetScaler ADC and NetScaler Gateway 13.1, 14.1, 13.1-FIPS and NDcPP: LB virtual servers of type (HTTP, SSL or HTTP_QUIC) bound with DBS IPv6 services or servicegroups bound with IPv6 DBS servers (OR) CR virtual server with type HDX

fstec логотип

BDU:2025-10349

CVSS3: 9
fstec
9 дней назад

Уязвимость контроллера доставки приложений NetScaler ADC (ранее Citrix ADC) и системы контроля доступа к виртуальной среде NetScaler Gateway (ранее Citrix Gateway), позволяющая нарушителю выполнить произвольный код и вызвать отказ в обслуживании

EPSS

Процентиль: 93%
0.09673
Низкий

9.2 Critical

CVSS4

9.8 Critical

CVSS3

CVE ID

CVE-2025-7775

Дефекты

CWE-119