CVE-2025-7775 PoC — Memory overflow vulnerability leading to Remote Code Execution and/or Denial of Service

Source

https://github.com/mr-r3b00t/CVE-2025-7775

Associated Vulnerability

Title:Memory overflow vulnerability leading to Remote Code Execution and/or Denial of Service (CVE-2025-7775)
Description:Memory overflow vulnerability leading to Remote Code Execution and/or Denial of Service in NetScaler ADC and NetScaler Gateway when NetScaler is configured as Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server (OR) NetScaler ADC and NetScaler Gateway 13.1, 14.1, 13.1-FIPS and NDcPP: LB virtual servers of type (HTTP, SSL or HTTP_QUIC) bound with IPv6 services or servicegroups bound with IPv6 servers (OR) NetScaler ADC and NetScaler Gateway 13.1, 14.1, 13.1-FIPS and NDcPP: LB virtual servers of type (HTTP, SSL or HTTP_QUIC) bound with DBS IPv6 services or servicegroups bound with IPv6 DBS servers (OR) CR virtual server with type HDX

Description

Version detection PowerShell

Readme

# CVE-2025-7775
Version detection PowerShell 


There's also a cool file hash based method:
https://github.com/fox-it/citrix-netscaler-triage/blob/main/scan-citrix-netscaler-version.py

You can also potentially use the client binaries to enumerate the version (not sure if you need auth... not looked at this stuff since 2023 heavily)

The timestamps on the default page recenlty seem to show the 20/08/2025 as being patched. the json.gz file needs streaming as browsers seem to try to render this as json (which doen't work)

File Snapshot

Remarks

1. It is advised to access via the original source first.

2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.

View subscription plans →

Goal Reached Thanks to every supporter — we hit 100%!