CVE-2025-4365

Summary

Arbitrary file read in NetScaler Console and NetScaler SDX (SVM)

Affected Software

VendorProductVersion RangeStatus
NetScalerConsole14.1 < 47.46affected
NetScalerConsole13.1 < 58.32affected
NetScalerSDX (SVM)14.1 < 47.46affected
NetScalerSDX (SVM)13.1 < 58.32affected

Weaknesses

  • CWE-1284: CWE-1284 Improper Validation of Specified Quantity in Input

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References