CVE-2026-10816

Summary

Arbitrary File Read (Unauthenticated) in NetScaler ADC and NetScaler Gateway if the access to NSIP, Cluster Management IP or SNIP with management access is enabled

Affected Software

VendorProductVersion RangeStatus
NetScalerADC14.1 < 72.61affected
NetScalerADC13.1 < 63.18affected
NetScalerADC14.1 FIPS < 72.61affected
NetScalerADC13.1 FIPS and NDcPP < 37.272affected
NetScalerGateway14.1 < 72.61affected
NetScalerGateway13.1 < 63.18affected

Weaknesses

  • CWE-73: CWE-73 External control of file name or path

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References