Skip to main content

Netscaler Console

4 CVEs product

Monthly

CVE-2025-4365 HIGH PATCH This Week

CVE-2025-4365 is an arbitrary file read vulnerability affecting Citrix NetScaler Console and NetScaler SDX (SVM) that allows unauthenticated remote attackers to read sensitive files from affected systems. The vulnerability has a CVSS score of 7.5 (high severity) with a network-accessible attack vector requiring no authentication or user interaction. While specific KEV and EPSS data were not provided in the intelligence sources, the combination of high CVSS, unauthenticated access, and file disclosure capability indicates this requires prompt remediation.

Citrix Information Disclosure Path Traversal Netscaler Console Netscaler Sdx
NVD
CVSS 3.1
7.5
EPSS
0.2%
CVE-2024-12284 HIGH This Week

Authenticated privilege escalation in NetScaler Console and NetScaler Agent allows. Rated high severity (CVSS 8.8). No vendor patch available.

Privilege Escalation Citrix Netscaler Agent Netscaler Console
NVD
CVSS 4.0
8.8
EPSS
0.2%
CVE-2024-6236 HIGH This Week

Denial of Service in NetScaler Console (formerly NetScaler ADM), NetScaler Agent, and NetScaler SDX. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Citrix Denial Of Service Netscaler Agent Netscaler Console +1
NVD
CVSS 4.0
7.1
EPSS
0.7%
CVE-2024-6235 CRITICAL POC THREAT Act Now

Sensitive information disclosure in NetScaler Console. Rated critical severity (CVSS 9.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Information Disclosure Citrix Netscaler Console
NVD
CVSS 4.0
9.4
EPSS
21.3%
EPSS 0% CVSS 7.5
HIGH PATCH This Week

CVE-2025-4365 is an arbitrary file read vulnerability affecting Citrix NetScaler Console and NetScaler SDX (SVM) that allows unauthenticated remote attackers to read sensitive files from affected systems. The vulnerability has a CVSS score of 7.5 (high severity) with a network-accessible attack vector requiring no authentication or user interaction. While specific KEV and EPSS data were not provided in the intelligence sources, the combination of high CVSS, unauthenticated access, and file disclosure capability indicates this requires prompt remediation.

Citrix Information Disclosure Path Traversal +2
NVD
EPSS 0% CVSS 8.8
HIGH This Week

Authenticated privilege escalation in NetScaler Console and NetScaler Agent allows. Rated high severity (CVSS 8.8). No vendor patch available.

Privilege Escalation Citrix Netscaler Agent +1
NVD
EPSS 1% CVSS 7.1
HIGH This Week

Denial of Service in NetScaler Console (formerly NetScaler ADM), NetScaler Agent, and NetScaler SDX. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Citrix Denial Of Service +3
NVD
EPSS 21% CVSS 9.4
CRITICAL POC THREAT Act Now

Sensitive information disclosure in NetScaler Console. Rated critical severity (CVSS 9.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Information Disclosure Citrix +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy