Vulnerability in Netscaler Adc

CVE-2025-5349

Improper access control on the NetScaler Management Interface in NetScaler ADC and NetScaler Gateway

EPSS: 0.009 (75.8th percentile) — read the EPSS interpretation.

Affected products

Netscaler Adc — versions 14.1, 13.1

Weakness classification (CWE)

CWE-1284 — Improper Validation of Specified Quantity in Input

Public proof-of-concept exploits

References

support.citrix.com/support-home/kbsearch/article

Frequently asked questions

What is CVE-2025-5349?: CVE-2025-5349 is a vulnerability in Netscaler Adc, classified under Improper Validation of Specified Quantity in Input. Published 2025-06-17.
Is CVE-2025-5349 known to be exploited?: 4 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.