Skip to main content

Netscaler Console EUVDEUVD-2025-18493

| CVE-2025-4365 HIGH
Improper Validation of Specified Quantity in Input (CWE-1284)
2025-06-17 secure@citrix.com
7.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
7.5 HIGH
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None

Lifecycle Timeline

6
Analysis Updated
Apr 16, 2026 - 06:38 EUVD-patch-fix
executive_summary
Re-analysis Queued
Apr 16, 2026 - 05:29 backfill_euvd_patch
patch_released
Patch available
Apr 16, 2026 - 05:29 EUVD
58.32,47.46
EUVD ID Assigned
Mar 14, 2026 - 22:15 euvd
EUVD-2025-18493
Analysis Generated
Mar 14, 2026 - 22:15 vuln.today
CVE Published
Jun 17, 2025 - 13:15 nvd
HIGH 7.5

DescriptionCVE.org

Arbitrary file read in NetScaler Console and NetScaler SDX (SVM)

AnalysisAI

CVE-2025-4365 is an arbitrary file read vulnerability affecting Citrix NetScaler Console and NetScaler SDX (SVM) that allows unauthenticated remote attackers to read sensitive files from affected systems. The vulnerability has a CVSS score of 7.5 (high severity) with a network-accessible attack vector requiring no authentication or user interaction. While specific KEV and EPSS data were not provided in the intelligence sources, the combination of high CVSS, unauthenticated access, and file disclosure capability indicates this requires prompt remediation.

Technical ContextAI

This vulnerability falls under CWE-1284 (Improper Validation of Specified Quantity in Input), which typically involves insufficient validation of input boundaries or file path traversal controls. In the NetScaler Console and SDX (Standalone Virtual Machine) context, this likely affects the management API or HTTP request handling layer that processes file or path-based requests without proper sanitization. NetScaler products are Citrix's application delivery and security appliances that run on physical hardware (NetScaler SDX) or as virtual machines (NetScaler Console/SVM). The vulnerability enables attackers to bypass access controls on the file system through improperly validated requests, potentially exposing configuration files, credentials, certificates, or other sensitive data stored on these management appliances.

RemediationAI

  1. Consult Citrix Security Advisory (CTX number not provided in available intelligence—verify via Citrix official channels). 2. Apply vendor-provided patches to affected NetScaler Console and SDX instances immediately. 3. Until patching is complete: (a) Restrict network access to NetScaler management interfaces (port 443, 80) to trusted administrative networks only, implementing network-level access controls (firewall rules, IP whitelisting); (b) Do not expose NetScaler management interfaces directly to the internet; (c) Monitor access logs for suspicious file read requests. 4. Verify patch deployment and confirm vulnerability remediation through Citrix's verification procedures. Contact Citrix support (support.citrix.com) or your account representative for patch availability and version-specific guidance, as patch timelines were not provided in the intelligence sources.

Share

EUVD-2025-18493 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy