CVE-2025-7775

Published: Aug 26, 2025

Modified: Feb 26, 2026

PUBLISHED

Description

Memory overflow vulnerability leading to Remote Code Execution and/or Denial of Service in NetScaler ADC and NetScaler Gateway when NetScaler is configured as Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server (OR) NetScaler ADC and NetScaler Gateway 13.1, 14.1, 13.1-FIPS and NDcPP: LB virtual servers of type (HTTP, SSL or HTTP_QUIC) bound with IPv6 services or servicegroups bound with IPv6 servers (OR) NetScaler ADC and NetScaler Gateway 13.1, 14.1, 13.1-FIPS and NDcPP: LB virtual servers of type (HTTP, SSL or HTTP_QUIC) bound with DBS IPv6 services or servicegroups bound with IPv6 DBS servers (OR) CR virtual server with type HDX

Vendor	Product	Versions
NetScaler	ADC	affected `14.1 - < 47.48` affected `13.1 - < 59.22` affected `13.1 FIPS and NDcPP - < 37.241` affected `12.1 FIPS and NDcPP - < 55.330`
NetScaler	Gateway	affected `14.1 - < 47.48` affected `13.1 - < 59.22` affected `13.1 FIPS and NDcPP - < 37.241` affected `12.1 FIPS and NDcPP - < 55.330`

Weaknesses (CWE)

CWE-119

References

https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX694938

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-7775

Description

Affected Products

Weaknesses (CWE)

References