Topic: cve-2025-5777
-
Urgent: Patch Citrix Bleed 2 NetScaler flaw as exploits go public
A critical Citrix NetScaler vulnerability (CVE-2025-5777) allows attackers to steal session tokens by exploiting malformed login requests to dump memory contents, similar to last year's CitrixBleed flaw. The flaw arises from improper use of the snprintf function, leaking ~127 bytes of memory per ...
Read More » -
1,200+ Citrix servers vulnerable to critical auth bypass flaw
Over 1,200 Citrix NetScaler systems remain vulnerable to CVE-2025-5777, a severe authentication bypass flaw enabling session hijacking and MFA bypass, with potential active exploitation despite Citrix's denial. The flaw, dubbed "Citrix Bleed 2," allows attackers to steal session tokens and creden...
Read More » -
CitrixBleed 2 Vulnerability Actively Exploited
A critical vulnerability in Citrix NetScaler systems (CVE-2025-5777, CVSS 9.3), dubbed CitrixBleed 2, allows attackers to bypass authentication and compromise user sessions, similar to the 2023 CitrixBleed exploit. Attackers are actively exploiting the flaw, using tactics like MFA bypass, session...
Read More » -
Hackers Exploit New 'CitrixBleed 2' NetScaler Flaw to Hijack Sessions
A new vulnerability dubbed "CitrixBleed 2" in Citrix NetScaler ADC and Gateway systems allows attackers to hijack sessions and bypass security, similar to a previous flaw. Two critical vulnerabilities (CVE-2025-5777 and CVE-2025-5349) affect NetScaler systems, with the more severe one enabling un...
Read More »
