{"id":27815,"date":"2025-07-07T16:45:21","date_gmt":"2025-07-07T14:45:21","guid":{"rendered":"https:\/\/perseus.de\/critical-vulnerabilities-in-citrix-netscaler\/"},"modified":"2026-03-31T07:19:33","modified_gmt":"2026-03-31T05:19:33","slug":"critical-vulnerabilities-in-citrix-netscaler","status":"publish","type":"post","link":"https:\/\/perseus.de\/en\/critical-vulnerabilities-in-citrix-netscaler\/","title":{"rendered":"Critical vulnerabilities in Citrix NetScaler"},"content":{"rendered":"\t\t<div data-elementor-type=\"wp-post\" data-elementor-id=\"27815\" class=\"elementor elementor-27815 elementor-23776\" data-elementor-post-type=\"post\">\n\t\t\t\t<div class=\"elementor-element elementor-element-dcf4ec4 e-flex e-con-boxed e-con e-parent\" data-id=\"dcf4ec4\" data-element_type=\"container\" data-e-type=\"container\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t\t\t<div class=\"elementor-element elementor-element-e1db58c elementor-widget elementor-widget-image\" data-id=\"e1db58c\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<img fetchpriority=\"high\" decoding=\"async\" width=\"800\" height=\"200\" src=\"https:\/\/perseus.de\/wp-content\/uploads\/2025\/04\/Gefahrenwarnung-Headerbild-Website-2025-1024x256.png\" class=\"attachment-large size-large wp-image-27799\" alt=\"\" srcset=\"https:\/\/perseus.de\/wp-content\/uploads\/2025\/04\/Gefahrenwarnung-Headerbild-Website-2025-1024x256.png 1024w, https:\/\/perseus.de\/wp-content\/uploads\/2025\/04\/Gefahrenwarnung-Headerbild-Website-2025-300x75.png 300w, https:\/\/perseus.de\/wp-content\/uploads\/2025\/04\/Gefahrenwarnung-Headerbild-Website-2025-768x192.png 768w, https:\/\/perseus.de\/wp-content\/uploads\/2025\/04\/Gefahrenwarnung-Headerbild-Website-2025.png 1200w\" sizes=\"(max-width: 800px) 100vw, 800px\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-1258a43 e-flex e-con-boxed e-con e-parent\" data-id=\"1258a43\" data-element_type=\"container\" data-e-type=\"container\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t<div class=\"elementor-element elementor-element-2de4e88 e-con-full e-flex e-con e-child\" data-id=\"2de4e88\" data-element_type=\"container\" data-e-type=\"container\">\n\t\t\t\t<div class=\"elementor-element elementor-element-4982c80 elementor-widget elementor-widget-text-editor\" data-id=\"4982c80\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<h6>07.07.2025<\/h6>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-8348bc5 elementor-widget elementor-widget-heading\" data-id=\"8348bc5\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">Critical vulnerabilities in Citrix NetScaler \u2013 active attacks observed<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-eb03842 e-con-full e-flex e-con e-child\" data-id=\"eb03842\" data-element_type=\"container\" data-e-type=\"container\">\n\t\t\t\t<div class=\"elementor-element elementor-element-91d0988 elementor-widget elementor-widget-text-editor\" data-id=\"91d0988\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p><span style=\"font-weight: 400;\">In recent weeks, several serious security vulnerabilities have been discovered in <\/span><a href=\"https:\/\/www.heise.de\/news\/CitrixBleed-2-Indizien-fuer-laufende-Angriffe-auf-Sicherheitsleck-10464142.html\"><b>Citrix NetScaler ADC and Gateway<\/b> <\/a><span style=\"font-weight: 400;\">\u2013 some of them known as <\/span><b>&#8220;CitrixBleed 2&#8221;.<\/b><span style=\"font-weight: 400;\"> Although the vulnerabilities have already been fixed by the manufacturer, experts classify them as <\/span><b>critical<\/b><span style=\"font-weight: 400;\"> .<\/span><\/p><p data-start=\"79\" data-end=\"370\"><span style=\"font-weight: 400;\">IT security researchers report <\/span><b>active attacks<\/b> <span style=\"font-weight: 400;\">in which, among other things, existing web sessions were compromised and authentications were obtained without the knowledge of the users \u2013 <\/span><b>suggesting that active multi-factor authentication could also be bypassed<\/b><span style=\"font-weight: 400;\">.<\/span><\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-ceb0f40 e-flex e-con-boxed e-con e-parent\" data-id=\"ceb0f40\" data-element_type=\"container\" data-e-type=\"container\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t\t\t<div class=\"elementor-element elementor-element-ffbdc12 elementor-widget-divider--view-line elementor-widget elementor-widget-divider\" data-id=\"ffbdc12\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"divider.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-divider\">\n\t\t\t<span class=\"elementor-divider-separator\">\n\t\t\t\t\t\t<\/span>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-02dd0e9 e-flex e-con-boxed e-con e-parent\" data-id=\"02dd0e9\" data-element_type=\"container\" data-e-type=\"container\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t<div class=\"elementor-element elementor-element-16d621d e-con-full e-flex e-con e-child\" data-id=\"16d621d\" data-element_type=\"container\" data-e-type=\"container\">\n\t\t\t\t<div class=\"elementor-element elementor-element-89904c7 elementor-widget elementor-widget-text-editor\" data-id=\"89904c7\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p><b>What happened?<\/b><\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-fae461d e-con-full e-flex e-con e-child\" data-id=\"fae461d\" data-element_type=\"container\" data-e-type=\"container\">\n\t\t\t\t<div class=\"elementor-element elementor-element-0f04793 elementor-widget elementor-widget-text-editor\" data-id=\"0f04793\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p><span style=\"font-weight: 400;\">Currently, CERT.at and numerous email security vendors are seeing an increase in phishing campaigns that use email attachments in Scalable Vector Graphics (SVG) format. These vector graphics contain embedded JavaScript code that can be executed from the browser when opened. Attackers use this to load fake login pages or install malware \u2013 with the aim of grabbing access data. The affected SVG files often disguise themselves as invoices, voice messages, or documents to be signed.   <\/span><\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-cdadbd8 e-flex e-con-boxed e-con e-parent\" data-id=\"cdadbd8\" data-element_type=\"container\" data-e-type=\"container\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t\t\t<div class=\"elementor-element elementor-element-104dd95 elementor-widget-divider--view-line elementor-widget elementor-widget-divider\" data-id=\"104dd95\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"divider.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-divider\">\n\t\t\t<span class=\"elementor-divider-separator\">\n\t\t\t\t\t\t<\/span>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-71fc1cf e-con-full e-flex e-con e-child\" data-id=\"71fc1cf\" data-element_type=\"container\" data-e-type=\"container\">\n\t\t<div class=\"elementor-element elementor-element-ca1a3f3 e-con-full e-flex e-con e-child\" data-id=\"ca1a3f3\" data-element_type=\"container\" data-e-type=\"container\">\n\t\t<div class=\"elementor-element elementor-element-66292b3 e-con-full e-flex e-con e-child\" data-id=\"66292b3\" data-element_type=\"container\" data-e-type=\"container\">\n\t\t\t\t<div class=\"elementor-element elementor-element-9745167 elementor-widget elementor-widget-text-editor\" data-id=\"9745167\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<b>Reported vulnerabilities <br>(Source: <\/b><a href=\"https:\/\/www.bsi.bund.de\/SharedDocs\/Cybersicherheitswarnungen\/DE\/2025\/2025-254480-1032.pdf?__blob=publicationFile&amp;v=2\"><b>BSI)<\/b><\/a><b><\/b>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-35b99f8 e-con-full e-flex e-con e-child\" data-id=\"35b99f8\" data-element_type=\"container\" data-e-type=\"container\">\n\t\t\t\t<div class=\"elementor-element elementor-element-81c2064 elementor-widget elementor-widget-text-editor\" data-id=\"81c2064\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p><img decoding=\"async\" class=\"alignnone wp-image-23777 size-large\" src=\"https:\/\/perseus.de\/wp-content\/uploads\/2025\/07\/Threat-Alert-CVEs-Citrix-NetScaler-1024x353.png\" alt=\"\" width=\"800\" height=\"276\" srcset=\"https:\/\/perseus.de\/wp-content\/uploads\/2025\/07\/Threat-Alert-CVEs-Citrix-NetScaler-1024x353.png 1024w, https:\/\/perseus.de\/wp-content\/uploads\/2025\/07\/Threat-Alert-CVEs-Citrix-NetScaler-300x103.png 300w, https:\/\/perseus.de\/wp-content\/uploads\/2025\/07\/Threat-Alert-CVEs-Citrix-NetScaler-768x265.png 768w, https:\/\/perseus.de\/wp-content\/uploads\/2025\/07\/Threat-Alert-CVEs-Citrix-NetScaler-1536x529.png 1536w, https:\/\/perseus.de\/wp-content\/uploads\/2025\/07\/Threat-Alert-CVEs-Citrix-NetScaler.png 1553w\" sizes=\"(max-width: 800px) 100vw, 800px\" \/><\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-4dfc5b9 elementor-widget-divider--view-line elementor-widget elementor-widget-divider\" data-id=\"4dfc5b9\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"divider.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-divider\">\n\t\t\t<span class=\"elementor-divider-separator\">\n\t\t\t\t\t\t<\/span>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-174b215 e-flex e-con-boxed e-con e-parent\" data-id=\"174b215\" data-element_type=\"container\" data-e-type=\"container\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t<div class=\"elementor-element elementor-element-e560a6b e-con-full e-flex e-con e-child\" data-id=\"e560a6b\" data-element_type=\"container\" data-e-type=\"container\">\n\t\t\t\t<div class=\"elementor-element elementor-element-013b67e elementor-widget elementor-widget-text-editor\" data-id=\"013b67e\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p><b>Who is affected?<\/b><\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-a72ed48 e-con-full e-flex e-con e-child\" data-id=\"a72ed48\" data-element_type=\"container\" data-e-type=\"container\">\n\t\t\t\t<div class=\"elementor-element elementor-element-db8754f elementor-widget elementor-widget-text-editor\" data-id=\"db8754f\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<ul><li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">NetScaler ADC and NetScaler Gateway 14.1 prior to 14.1-47.46  <\/span><\/li><li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">NetScaler ADC and NetScaler Gateway 13.1 prior to 13.1-59.19  <\/span><\/li><li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">NetScaler ADC 13.1-FIPS and NDcPP prior to 13.1-37.236-FIPS and NDcPP  <\/span><\/li><li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">NetScaler ADC 12.1-FIPS prior to 12.1-55.328-FIPS (not affected by CVE-2025-6543)<\/span><\/li><\/ul>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-da9fcac e-flex e-con-boxed e-con e-parent\" data-id=\"da9fcac\" data-element_type=\"container\" data-e-type=\"container\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t<div class=\"elementor-element elementor-element-70aad00 e-con-full e-flex e-con e-child\" data-id=\"70aad00\" data-element_type=\"container\" data-e-type=\"container\">\n\t\t\t\t<div class=\"elementor-element elementor-element-55be951 elementor-widget-divider--view-line elementor-widget elementor-widget-divider\" data-id=\"55be951\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"divider.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-divider\">\n\t\t\t<span class=\"elementor-divider-separator\">\n\t\t\t\t\t\t<\/span>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-d3f9227 e-flex e-con-boxed e-con e-parent\" data-id=\"d3f9227\" data-element_type=\"container\" data-e-type=\"container\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t<div class=\"elementor-element elementor-element-6059711 e-con-full e-flex e-con e-child\" data-id=\"6059711\" data-element_type=\"container\" data-e-type=\"container\">\n\t\t\t\t<div class=\"elementor-element elementor-element-26eea72 elementor-widget elementor-widget-text-editor\" data-id=\"26eea72\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p><b>How can I protect myself?<\/b><\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-724b6c6 e-con-full e-flex e-con e-child\" data-id=\"724b6c6\" data-element_type=\"container\" data-e-type=\"container\">\n\t\t\t\t<div class=\"elementor-element elementor-element-f0c2fb4 elementor-widget elementor-widget-text-editor\" data-id=\"f0c2fb4\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p><b>1. Install security updates (urgently!)<\/b><\/p><p><span style=\"font-weight: 400;\">Immediately install <\/span><b><span style=\"font-weight: 400;\"> the patches provided by the manufacturer:<\/span><\/b><\/p><ul><li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">14.1-47.46 or newer<\/span><\/li><li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">13.1-59.19 or newer<\/span><\/li><li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">13.1-37.236-FIPS\/NDcPP or newer<\/span><\/li><\/ul><p><br><b><\/b><\/p><p><b>2. Check the configuration<\/b><\/p><ul><li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Allow access to the management interface only from trusted networks.<\/span><\/li><li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Disable unnecessary services and interfaces.<\/span><\/li><\/ul><p><span style=\"font-weight: 400;\"> <\/span><\/p><p><b>3. Monitor systems<\/b><\/p><ul><li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Enable logging and intrusion detection.<\/span><\/li><li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Monitor suspicious activity (e.g., unusual session behavior, failed logins).<\/span><\/li><\/ul>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-65d84f2 e-flex e-con-boxed e-con e-parent\" data-id=\"65d84f2\" data-element_type=\"container\" data-e-type=\"container\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t<div class=\"elementor-element elementor-element-3c936a5 e-con-full e-flex e-con e-child\" data-id=\"3c936a5\" data-element_type=\"container\" data-e-type=\"container\">\n\t\t\t\t<div class=\"elementor-element elementor-element-3bbb54c elementor-widget-divider--view-line elementor-widget elementor-widget-divider\" data-id=\"3bbb54c\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"divider.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-divider\">\n\t\t\t<span class=\"elementor-divider-separator\">\n\t\t\t\t\t\t<\/span>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-36d5f66 e-flex e-con-boxed e-con e-parent\" data-id=\"36d5f66\" data-element_type=\"container\" data-e-type=\"container\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t\t\t<div class=\"elementor-element elementor-element-60eb6a0 elementor-widget elementor-widget-heading\" data-id=\"60eb6a0\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h4 class=\"elementor-heading-title elementor-size-default\">What exactly does the Citrix Netscaler ADC do?  <\/h4>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-092ac14 elementor-widget elementor-widget-text-editor\" data-id=\"092ac14\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p data-start=\"217\" data-end=\"481\"><b>Citrix NetScaler ADC (Application Delivery Controller)<\/b><span style=\"font-weight: 400;\"> is a system that enables secure, fast, and reliable access to web applications \u2013 even under heavy loads. It is widely used in enterprises for load balancing, performance optimization, and security.<\/span><\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-dcff67d e-flex e-con-boxed e-con e-parent\" data-id=\"dcff67d\" data-element_type=\"container\" data-e-type=\"container\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t<div class=\"elementor-element elementor-element-ad15629 e-con-full e-flex e-con e-child\" data-id=\"ad15629\" data-element_type=\"container\" data-e-type=\"container\">\n\t\t\t\t<div class=\"elementor-element elementor-element-dd3e115 elementor-widget-divider--view-line elementor-widget elementor-widget-divider\" data-id=\"dd3e115\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"divider.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-divider\">\n\t\t\t<span class=\"elementor-divider-separator\">\n\t\t\t\t\t\t<\/span>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"<p>Several critical vulnerabilities in Citrix NetScaler ADC and Gateway allow attackers to take over active web sessions, sometimes even bypassing multi-factor authentication.  <\/p>\n","protected":false},"author":3,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[64],"tags":[],"class_list":["post-27815","post","type-post","status-publish","format-standard","hentry","category-hazard-warning"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.3 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Critical vulnerabilities in Citrix NetScaler - Perseus Technologies<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/perseus.de\/en\/critical-vulnerabilities-in-citrix-netscaler\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Critical vulnerabilities in Citrix NetScaler - Perseus Technologies\" \/>\n<meta property=\"og:description\" content=\"Several critical vulnerabilities in Citrix NetScaler ADC and Gateway allow attackers to take over active web sessions, sometimes even bypassing multi-factor authentication.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/perseus.de\/en\/critical-vulnerabilities-in-citrix-netscaler\/\" \/>\n<meta property=\"og:site_name\" content=\"Perseus Technologies\" \/>\n<meta property=\"article:published_time\" content=\"2025-07-07T14:45:21+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2026-03-31T05:19:33+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/perseus.de\/wp-content\/uploads\/2025\/04\/Gefahrenwarnung-Headerbild-Website-2025.png\" \/>\n\t<meta property=\"og:image:width\" content=\"1200\" \/>\n\t<meta property=\"og:image:height\" content=\"300\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Xenia Silbe\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Xenia Silbe\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/perseus.de\\\/en\\\/critical-vulnerabilities-in-citrix-netscaler\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/perseus.de\\\/en\\\/critical-vulnerabilities-in-citrix-netscaler\\\/\"},\"author\":{\"name\":\"Xenia Silbe\",\"@id\":\"https:\\\/\\\/perseus.de\\\/#\\\/schema\\\/person\\\/42cdb0ff9720a4c92a2613f686b32f46\"},\"headline\":\"Critical vulnerabilities in Citrix NetScaler\",\"datePublished\":\"2025-07-07T14:45:21+00:00\",\"dateModified\":\"2026-03-31T05:19:33+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/perseus.de\\\/en\\\/critical-vulnerabilities-in-citrix-netscaler\\\/\"},\"wordCount\":315,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/perseus.de\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/perseus.de\\\/en\\\/critical-vulnerabilities-in-citrix-netscaler\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/perseus.de\\\/wp-content\\\/uploads\\\/2025\\\/04\\\/Gefahrenwarnung-Headerbild-Website-2025-1024x256.png\",\"articleSection\":[\"Hazard warning\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/perseus.de\\\/en\\\/critical-vulnerabilities-in-citrix-netscaler\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/perseus.de\\\/en\\\/critical-vulnerabilities-in-citrix-netscaler\\\/\",\"url\":\"https:\\\/\\\/perseus.de\\\/en\\\/critical-vulnerabilities-in-citrix-netscaler\\\/\",\"name\":\"Critical vulnerabilities in Citrix NetScaler - Perseus Technologies\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/perseus.de\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/perseus.de\\\/en\\\/critical-vulnerabilities-in-citrix-netscaler\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/perseus.de\\\/en\\\/critical-vulnerabilities-in-citrix-netscaler\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/perseus.de\\\/wp-content\\\/uploads\\\/2025\\\/04\\\/Gefahrenwarnung-Headerbild-Website-2025-1024x256.png\",\"datePublished\":\"2025-07-07T14:45:21+00:00\",\"dateModified\":\"2026-03-31T05:19:33+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/perseus.de\\\/en\\\/critical-vulnerabilities-in-citrix-netscaler\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/perseus.de\\\/en\\\/critical-vulnerabilities-in-citrix-netscaler\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/perseus.de\\\/en\\\/critical-vulnerabilities-in-citrix-netscaler\\\/#primaryimage\",\"url\":\"https:\\\/\\\/perseus.de\\\/wp-content\\\/uploads\\\/2025\\\/04\\\/Gefahrenwarnung-Headerbild-Website-2025-1024x256.png\",\"contentUrl\":\"https:\\\/\\\/perseus.de\\\/wp-content\\\/uploads\\\/2025\\\/04\\\/Gefahrenwarnung-Headerbild-Website-2025-1024x256.png\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/perseus.de\\\/en\\\/critical-vulnerabilities-in-citrix-netscaler\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/perseus.de\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Critical vulnerabilities in Citrix NetScaler\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/perseus.de\\\/#website\",\"url\":\"https:\\\/\\\/perseus.de\\\/\",\"name\":\"perseus-web.de\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/perseus.de\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/perseus.de\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/perseus.de\\\/#organization\",\"name\":\"perseus-web.de\",\"url\":\"https:\\\/\\\/perseus.de\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/perseus.de\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/perseus.de\\\/wp-content\\\/uploads\\\/2025\\\/03\\\/PerseusTechnologie_Color-2.png\",\"contentUrl\":\"https:\\\/\\\/perseus.de\\\/wp-content\\\/uploads\\\/2025\\\/03\\\/PerseusTechnologie_Color-2.png\",\"width\":536,\"height\":172,\"caption\":\"perseus-web.de\"},\"image\":{\"@id\":\"https:\\\/\\\/perseus.de\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/perseus.de\\\/#\\\/schema\\\/person\\\/42cdb0ff9720a4c92a2613f686b32f46\",\"name\":\"Xenia Silbe\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/ad1725c4df9d407f031b1429111650ed671361b6db97d9353d2b0d1aea2f67ed?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/ad1725c4df9d407f031b1429111650ed671361b6db97d9353d2b0d1aea2f67ed?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/ad1725c4df9d407f031b1429111650ed671361b6db97d9353d2b0d1aea2f67ed?s=96&d=mm&r=g\",\"caption\":\"Xenia Silbe\"},\"sameAs\":[\"https:\\\/\\\/perseus.de\\\/\"],\"url\":\"https:\\\/\\\/perseus.de\\\/en\\\/author\\\/xenia-silbe\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Critical vulnerabilities in Citrix NetScaler - Perseus Technologies","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/perseus.de\/en\/critical-vulnerabilities-in-citrix-netscaler\/","og_locale":"en_US","og_type":"article","og_title":"Critical vulnerabilities in Citrix NetScaler - Perseus Technologies","og_description":"Several critical vulnerabilities in Citrix NetScaler ADC and Gateway allow attackers to take over active web sessions, sometimes even bypassing multi-factor authentication.","og_url":"https:\/\/perseus.de\/en\/critical-vulnerabilities-in-citrix-netscaler\/","og_site_name":"Perseus Technologies","article_published_time":"2025-07-07T14:45:21+00:00","article_modified_time":"2026-03-31T05:19:33+00:00","og_image":[{"width":1200,"height":300,"url":"https:\/\/perseus.de\/wp-content\/uploads\/2025\/04\/Gefahrenwarnung-Headerbild-Website-2025.png","type":"image\/png"}],"author":"Xenia Silbe","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Xenia Silbe","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/perseus.de\/en\/critical-vulnerabilities-in-citrix-netscaler\/#article","isPartOf":{"@id":"https:\/\/perseus.de\/en\/critical-vulnerabilities-in-citrix-netscaler\/"},"author":{"name":"Xenia Silbe","@id":"https:\/\/perseus.de\/#\/schema\/person\/42cdb0ff9720a4c92a2613f686b32f46"},"headline":"Critical vulnerabilities in Citrix NetScaler","datePublished":"2025-07-07T14:45:21+00:00","dateModified":"2026-03-31T05:19:33+00:00","mainEntityOfPage":{"@id":"https:\/\/perseus.de\/en\/critical-vulnerabilities-in-citrix-netscaler\/"},"wordCount":315,"commentCount":0,"publisher":{"@id":"https:\/\/perseus.de\/#organization"},"image":{"@id":"https:\/\/perseus.de\/en\/critical-vulnerabilities-in-citrix-netscaler\/#primaryimage"},"thumbnailUrl":"https:\/\/perseus.de\/wp-content\/uploads\/2025\/04\/Gefahrenwarnung-Headerbild-Website-2025-1024x256.png","articleSection":["Hazard warning"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/perseus.de\/en\/critical-vulnerabilities-in-citrix-netscaler\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/perseus.de\/en\/critical-vulnerabilities-in-citrix-netscaler\/","url":"https:\/\/perseus.de\/en\/critical-vulnerabilities-in-citrix-netscaler\/","name":"Critical vulnerabilities in Citrix NetScaler - Perseus Technologies","isPartOf":{"@id":"https:\/\/perseus.de\/#website"},"primaryImageOfPage":{"@id":"https:\/\/perseus.de\/en\/critical-vulnerabilities-in-citrix-netscaler\/#primaryimage"},"image":{"@id":"https:\/\/perseus.de\/en\/critical-vulnerabilities-in-citrix-netscaler\/#primaryimage"},"thumbnailUrl":"https:\/\/perseus.de\/wp-content\/uploads\/2025\/04\/Gefahrenwarnung-Headerbild-Website-2025-1024x256.png","datePublished":"2025-07-07T14:45:21+00:00","dateModified":"2026-03-31T05:19:33+00:00","breadcrumb":{"@id":"https:\/\/perseus.de\/en\/critical-vulnerabilities-in-citrix-netscaler\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/perseus.de\/en\/critical-vulnerabilities-in-citrix-netscaler\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/perseus.de\/en\/critical-vulnerabilities-in-citrix-netscaler\/#primaryimage","url":"https:\/\/perseus.de\/wp-content\/uploads\/2025\/04\/Gefahrenwarnung-Headerbild-Website-2025-1024x256.png","contentUrl":"https:\/\/perseus.de\/wp-content\/uploads\/2025\/04\/Gefahrenwarnung-Headerbild-Website-2025-1024x256.png"},{"@type":"BreadcrumbList","@id":"https:\/\/perseus.de\/en\/critical-vulnerabilities-in-citrix-netscaler\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/perseus.de\/"},{"@type":"ListItem","position":2,"name":"Critical vulnerabilities in Citrix NetScaler"}]},{"@type":"WebSite","@id":"https:\/\/perseus.de\/#website","url":"https:\/\/perseus.de\/","name":"perseus-web.de","description":"","publisher":{"@id":"https:\/\/perseus.de\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/perseus.de\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/perseus.de\/#organization","name":"perseus-web.de","url":"https:\/\/perseus.de\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/perseus.de\/#\/schema\/logo\/image\/","url":"https:\/\/perseus.de\/wp-content\/uploads\/2025\/03\/PerseusTechnologie_Color-2.png","contentUrl":"https:\/\/perseus.de\/wp-content\/uploads\/2025\/03\/PerseusTechnologie_Color-2.png","width":536,"height":172,"caption":"perseus-web.de"},"image":{"@id":"https:\/\/perseus.de\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/perseus.de\/#\/schema\/person\/42cdb0ff9720a4c92a2613f686b32f46","name":"Xenia Silbe","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/ad1725c4df9d407f031b1429111650ed671361b6db97d9353d2b0d1aea2f67ed?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/ad1725c4df9d407f031b1429111650ed671361b6db97d9353d2b0d1aea2f67ed?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/ad1725c4df9d407f031b1429111650ed671361b6db97d9353d2b0d1aea2f67ed?s=96&d=mm&r=g","caption":"Xenia Silbe"},"sameAs":["https:\/\/perseus.de\/"],"url":"https:\/\/perseus.de\/en\/author\/xenia-silbe\/"}]}},"_links":{"self":[{"href":"https:\/\/perseus.de\/en\/wp-json\/wp\/v2\/posts\/27815","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/perseus.de\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/perseus.de\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/perseus.de\/en\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/perseus.de\/en\/wp-json\/wp\/v2\/comments?post=27815"}],"version-history":[{"count":1,"href":"https:\/\/perseus.de\/en\/wp-json\/wp\/v2\/posts\/27815\/revisions"}],"predecessor-version":[{"id":27816,"href":"https:\/\/perseus.de\/en\/wp-json\/wp\/v2\/posts\/27815\/revisions\/27816"}],"wp:attachment":[{"href":"https:\/\/perseus.de\/en\/wp-json\/wp\/v2\/media?parent=27815"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/perseus.de\/en\/wp-json\/wp\/v2\/categories?post=27815"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/perseus.de\/en\/wp-json\/wp\/v2\/tags?post=27815"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}