Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2025-7775 PoC — Memory overflow vulnerability leading to Remote Code Execution and/or Denial of Service

Source
https://github.com/hacker-r3volv3r/CVE-2025-7775-PoC
Associated Vulnerability
Title:Memory overflow vulnerability leading to Remote Code Execution and/or Denial of Service (CVE-2025-7775)
Description:Memory overflow vulnerability leading to Remote Code Execution and/or Denial of Service in NetScaler ADC and NetScaler Gateway when NetScaler is configured as Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server (OR) NetScaler ADC and NetScaler Gateway 13.1, 14.1, 13.1-FIPS and NDcPP: LB virtual servers of type (HTTP, SSL or HTTP_QUIC) bound with IPv6 services or servicegroups bound with IPv6 servers (OR) NetScaler ADC and NetScaler Gateway 13.1, 14.1, 13.1-FIPS and NDcPP: LB virtual servers of type (HTTP, SSL or HTTP_QUIC) bound with DBS IPv6 services or servicegroups bound with IPv6 DBS servers (OR) CR virtual server with type HDX
Readme
CVE-2025-7775 | NetScaler ADC RCE PoC 
===

    ⚠️ Disclaimer: This is a hypothetical PoC for educational purposes only.Segment NetScaler networks CVE-2025-7775 does not exist. Use only in an isolated lab.

Overview

Simulated exploit for a hypothetical unauthenticated RCE in Citrix NetScaler ADC/Gateway. Designed for internal detection validation and IR drill training.
Lab Requirements

    Isolated network

    Licensed NetScaler VPX instance (lab use)

    Python 3.x

Usage

    git clone https://github.com/your-org/cve-2025-7775-poc.git

    pip install requests

    python3 poc.py https://<lab-ip>

The script sends a HTTP POST with a simulated command injection pattern to /api/v1/configuration and checks for a test file.

    N


License

MIT. Use legally and ethically.
File Snapshot

 [4.0K]  /data/pocs/d3175aa9dd0f5911255c8b76f446d5b7bfdad4e1
├── [2.4K]  CVE-2025-7775-PoC.py
└── [ 790]  README.md

0 directories, 2 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →