Severity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Network-reachable, low-complexity, unauthenticated handler flaw with no user interaction; impact is predominantly availability (DoS) with only minor confidentiality and integrity effects.
Primary rating from Vendor (50a63c94-1ea7-4568-8c11-eb79e7c5a2b5).
CVSS VectorVendor: 50a63c94-1ea7-4568-8c11-eb79e7c5a2b5
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
3DescriptionCVE.org
Multiple Memory overflow vulnerabilities in NetScaler ADC and NetScaler Gateway leading to unpredictable or erroneous behavior and Denial of Service if NetScaler ADC is configured as an LB of type Oracle OR NetScaler ADC is configured as a DNS Proxy OR NetScaler ADC is configured as a DNS recursive resolver deployment
AnalysisAI
Denial of service in Citrix NetScaler ADC and NetScaler Gateway stems from multiple memory overflow conditions that produce unpredictable or erroneous behavior when the appliance is configured for specific DNS or load-balancing roles. Remote unauthenticated attackers can send crafted traffic to a vulnerable appliance to crash or destabilize it, with the CVSS 4.0 score of 8.8 driven primarily by high availability impact. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation requires the NetScaler ADC to be configured in at least one of three specific modes: a load-balancing virtual server of type Oracle, a DNS Proxy, or a DNS recursive resolver deployment. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The CVSS 4.0 vector (AV:N/AC:L/AT:N/PR:N/UI:N) indicates a network-reachable, low-complexity, unauthenticated attack requiring no user interaction, which is a strong real-world risk profile for an internet-facing appliance. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker who can reach a NetScaler appliance that is acting as a DNS recursive resolver or DNS proxy sends a stream of malformed DNS queries that trigger the memory overflow, causing the appliance to behave erratically or crash and dropping the services behind it. Because the attack is network-based, unauthenticated, and low-complexity, it can be repeated to sustain an outage; no public POC is currently identified. |
| Remediation | Apply the patched NetScaler ADC/Gateway firmware identified in Citrix advisory CTX696604 (https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX696604); an exact fixed version was not present in the provided data and must be taken from that advisory. … Detailed patch versions, workarounds, and compensating controls in full report. |
Recommended ActionAI
Within 24 hours: Identify all Citrix NetScaler ADC and Gateway appliances in your environment and assess which are configured for DNS or load-balancing roles. …
Sign in for detailed remediation steps and compensating controls.
Threat intelligence, references, and detailed analysis are available after sign-in.
Citrix NetScaler ADC and Gateway contain an input validation vulnerability (CVE-2025-5777, CVSS 7.5) leading to memory o
Citrix NetScaler ADC and Gateway contain a memory overflow vulnerability (CVE-2025-6543, CVSS 9.8) leading to unintended
Memory overread in Citrix NetScaler ADC and NetScaler Gateway lets remote attackers read out-of-bounds memory when the a
Improper access control vulnerability in NetScaler ADC and NetScaler Gateway management interfaces that allows unauthent
Denial of Service in NetScaler ADC and NetScaler Gateway when configured as a Gateway (VPN virtual server, ICA Proxy, CV
Unspecified vulnerability in the Diffie-Hellman key agreement implementation in the management GUI Java applet in Citrix
Unspecified vulnerability in the management GUI in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler
Denial of service and memory corruption in Citrix NetScaler ADC and NetScaler Gateway allows remote unauthenticated atta
Denial of service in Citrix NetScaler ADC and NetScaler Gateway allows remote attackers to crash or render unresponsive
Memory safety vulnerability leading to memory corruption and Denial of Service in NetScaler ADC and Gateway if the appli
Arbitrary file read in Citrix NetScaler ADC and NetScaler Gateway lets unauthenticated attackers on an adjacent network
Privilege Escalation to root administrator (nsroot). Rated high severity (CVSS 8.0), this vulnerability is low attack co
Same weakness CWE-119 – Buffer Overflow
View allSame technique Denial Of Service
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-40308
GHSA-rw96-6cvj-x57v