CVE-2025-8424

Published: Aug 26, 2025

Modified: Feb 26, 2026

PUBLISHED

Description

Improper access control on the NetScaler Management Interface in NetScaler ADC and NetScaler Gateway when an attacker can get access to the appliance NSIP, Cluster Management IP or local GSLB Site IP or SNIP with Management Access

Vendor	Product	Versions
NetScaler	ADC	affected `14.1 - < 47.48` affected `13.1 - < 59.22` affected `13.1 FIPS and NDcPP - < 37.241` affected `12.1 FIPS and NDcPP - < 55.330`
NetScaler	Gateway	affected `14.1 - < 47.48` affected `13.1 - < 59.22` affected `13.1 FIPS and NDcPP - < 37.241` affected `12.1 FIPS and NDcPP - < 55.330`

Weaknesses (CWE)

CWE-1284

References

https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX694938

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-8424

Description

Affected Products

Weaknesses (CWE)

References