- Citrix solves three defects in Netscaler ADC and Netscaler Gateway
- Among them is a critical severity used as a zero day that allowed RCE attacks and two
Citrix has solved three errors in its instances of Netscaler ADC and Netscaler Gateway, including a critical failure of zero day that was apparently abusing nature.
In a new notice, the company said it repaired multiple defects, including a vulnerability of memory overflow that could lead to the execution of remote code (RCE) or service denial attacks (two) at the Netscaler ADC and Netscaler gateway (when Netscaler is configured as a AAA virtual link or virtual server).
Vulnerability is tracked as CVE-2025-7775 and has a gravity score of 9.2/10 (critic).
Configuration failures
Citrix has urged users to repair immediately since computer pirates are already taking advantage of the error in real -life attacks.
“As of August 26, 2025 Cloud Software Group has reasons to believe that CVE-2025-7775 exploits have been observed in non-mitigated appliances, and strongly recommends customers who update their NetScaler firmware to the versions that contain the solution, since there are no mitigation available to protect against a possible exploitation,” he said.
Fortunately, taking advantage of the error is not particularly simple, since the devices must be configured specifically for that to happen:
– Netscaler must be configured as a gateway (VPN Virtual Server, Ica Proxy, CVPN, RDP Proxy) or AAA Virtual Server
– Netscaler ADC and Netscaler Gateway 13.1, 14.1, 13.1-FIPS and NDCPP: Type LB virtual servers (HTTP, SSL or HTTP_QUIC) linked to IPV6 services or service groups linked to IPV6
– Netscaler ADC and Netscaler Gateway 13.1, 14.1, 13.1-FIPS and NDCPP: Virtual LB Servers (HTTP, SSL or HTTP_QUIC) Linked to IPV6 DBS services or service groups linked to DBS servers IPV6 CR Virtual Server with HDX type
Citrix has launched configuration settings that can verify if the Netscaler device configuration leaves it vulnerable to the exploits.
Two other paved errors are a vulnerability of tracked memory overflow such as CVE-2025-7776, and an incorrect access control in the error of the Nescaler administration interface tracked as CVE-2025-8424.
Through Bleepingcomputer
