Citrix Patches Six NetScaler Flaws Enabling File Read, DoS
Citrix released security updates on Tuesday to address six vulnerabilities affecting its NetScaler ADC and NetScaler Gateway products. These flaws could allow attackers to read arbitrary files or cause denial-of-service (DoS) conditions on affected systems. The vulnerabilities were detailed in security advisories published by the company.
One of the vulnerabilities, CVE-2026-8451, carries a CVSS score of 8.8, indicating high severity. This flaw is attributed to insufficient input validation within the affected NetScaler components. The company has not disclosed specific details about exploitation attempts, but the nature of the vulnerabilities suggests potential risks to data confidentiality and system availability.
In addition to CVE-2026-8451, five other vulnerabilities were patched. These include issues that could lead to unauthorized file access or disruptions in service. Citrix has provided specific guidance for customers on how to apply the necessary patches and mitigate potential risks. The company urges all users of NetScaler ADC and NetScaler Gateway to update their systems promptly.
While the advisories do not explicitly state whether these vulnerabilities have been actively exploited in the wild, the patching of six distinct flaws underscores the importance of maintaining up-to-date security configurations for network infrastructure. Organizations relying on NetScaler products are advised to review the security bulletins and implement the recommended updates to safeguard their environments against potential cyber threats.
Original source: The Hacker News