
Netscaler Application Delivery Controller CVE-2025-5349

EUVD-2025-18494 | HIGH
Improper Validation of Specified Quantity in Input (CWE-1284)
2025-06-17 | secure@citrix.com
CVSS 3.1 base score: 8.8

CVSS Vector (NVD)

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector: Adjacent
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High

Lifecycle Timeline (7 events)

Apr 16, 2026 06:38 (EUVD-patch-fix): Analysis Updated (executive_summary)
Apr 16, 2026 05:29 (backfill_euvd_patch): Re-analysis Queued (patch_released)
Apr 16, 2026 05:29 (EUVD): Patch available
Mar 14, 2026 22:15 (euvd): EUVD ID Assigned: EUVD-2025-18494
Mar 14, 2026 22:15 (vuln.today): Analysis Generated
Aug 06, 2025 17:50 (vuln.today): PoC Detected: public exploit code
Jun 17, 2025 13:15 (nvd): CVE Published: HIGH 8.8

Description (NVD)

Improper access control on the NetScaler Management Interface in NetScaler ADC and NetScaler Gateway

Analysis (AI)

Improper access control vulnerability in the NetScaler ADC and NetScaler Gateway management interfaces that allows an unauthenticated attacker on an adjacent network to gain high-impact unauthorized access (confidentiality, integrity, and availability compromise) without any user interaction. This is a critical flaw affecting widely deployed Citrix infrastructure that enterprises use for application delivery and remote access; the CVSS 8.8 (High) score reflects the severity of a direct control-plane compromise.

Technical Context (AI)

This vulnerability is classified as CWE-1284 (Improper Validation of Specified Quantity in Input) and manifests as broken access control on the NetScaler Management Interface, the administrative console used to configure and manage ADC (Application Delivery Controller) and Gateway (remote access/VPN) appliances. The management interface likely fails to properly validate authentication tokens, session identifiers, or access control lists when processing administrative API requests or web console interactions. NetScaler products run on dedicated hardware appliances (CPE: cpe:2.3:a:citrix:netscaler_adc and cpe:2.3:a:citrix:netscaler_gateway) and manage north-south traffic for applications, which makes the management interface a critical security boundary. The adjacent-network attack vector (AV:A) means the attacker must be on the same network segment or otherwise have network-layer proximity, for example via ARP spoofing, VLAN hopping, or a compromised internal host; the flaw is not directly exploitable from the internet.

Remediation (AI)

1. Immediate: apply vendor patches from the Citrix security advisory; expect patches for the currently supported branches (typically the latest minor versions on the 13.1-lts, 14.1 and 15.0+ tracks).
2. Verify that the patched version is installed via the CLI or web console, and reboot appliances if required.
3. Interim mitigation while patches are tested: restrict network access to the management interface with firewall ACLs, limiting the management plane (HTTPS port 443, HTTP port 80, SSH port 22) to trusted administrative subnets only, and segment the network so that management interfaces are not reachable from untrusted network segments or user LANs.
4. Monitor for exploitation: enable and review audit logs on the management interface for unauthorized access attempts, configuration changes, or API calls from unexpected sources.
5. Change administrative credentials after patching to invalidate any potentially leaked session tokens.

Detailed patch versions and advisory links should be obtained from the Citrix Security Bulletin (the Citrix advisory for CVE-2025-5349, or the NetScaler security advisory).


CVE-2025-5349 vulnerability details – vuln.today
