2025-07-08

Numerous Citrix NetScaler ADC and NetScaler Gateway instances remain unpatched against the critical-severity CitrixBleed 2 flaw, tracked as CVE-2025-5777, watchTowr Labs researchers found, even as exploits circulate more widely, The Register reports.
According to watchTowr Labs, vulnerable Citrix Gateway login endpoints can be hit with repeated, specially crafted HTTP requests carrying an incomplete login value, forcing the appliance to expose session tokens from memory; those tokens could then be used for follow-on session takeover. The researchers noted that their proof-of-concept exploit may eventually yield valuable data. "[W]e believe, for reasons, that 'production' environments with VPN connections established would allow us to more trivially see sensitive information within captured memory leaks," said the report. Other PoCs have also been published by Horizon3.ai and Wiz researchers, with Wiz warning that its working exploit could be adopted into malicious actors' attack arsenals.
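As a defender-side illustration of the traffic pattern described above, here is an added example (not from The Register, watchTowr Labs, or Citrix) that scans a web access log for bursts of POST requests to a Gateway login endpoint from a single source address. The log layout, the endpoint path, the time window and the threshold are assumptions to adapt to your own deployment; the sample log lines are constructed.

```python
import re
from collections import defaultdict, deque
from datetime import datetime

# Placeholder: set this to the Gateway login endpoint path in your deployment.
LOGIN_PATH = "/gateway/login"
WINDOW_SECONDS = 60   # sliding window length (assumption)
THRESHOLD = 20        # login POSTs per source within the window that trigger an alert (assumption)

# Assumed, simplified access-log layout: "<iso-timestamp> <src_ip> <method> <path> <status>"
LOG_RE = re.compile(r"^(\S+) (\S+) (\S+) (\S+) (\d{3})$")


def parse_line(line):
    """Parse one access-log line into (timestamp, src_ip, method, path, status) or None."""
    m = LOG_RE.match(line.strip())
    if not m:
        return None
    ts, ip, method, path, status = m.groups()
    return datetime.fromisoformat(ts), ip, method, path, int(status)


def find_bursts(lines, window=WINDOW_SECONDS, threshold=THRESHOLD, path=LOGIN_PATH):
    """Return {src_ip: peak_count} for every source that sent at least `threshold`
    POST requests to `path` within any `window`-second interval.
    Lines are assumed to be in chronological order per source."""
    recent = defaultdict(deque)   # src_ip -> timestamps of recent login POSTs
    peaks = {}
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue
        ts, ip, method, p, _status = rec
        if method != "POST" or p != path:
            continue
        q = recent[ip]
        q.append(ts)
        # Drop timestamps that fell out of the sliding window.
        while q and (ts - q[0]).total_seconds() > window:
            q.popleft()
        if len(q) >= threshold:
            peaks[ip] = max(peaks.get(ip, 0), len(q))
    return peaks


def sample_log():
    """Constructed sample: one source hammers the login endpoint 25 times in 25 seconds,
    another logs in normally three times over a minute."""
    base = datetime(2025, 7, 8, 12, 0, 0)
    lines = []
    for i in range(25):
        t = base.replace(second=i)
        lines.append(f"{t.isoformat()} 203.0.113.5 POST {LOGIN_PATH} 200")
    for i in range(3):
        t = base.replace(minute=1, second=i * 10)
        lines.append(f"{t.isoformat()} 198.51.100.7 POST {LOGIN_PATH} 200")
    lines.append(f"{base.isoformat()} 198.51.100.7 GET /index.html 200")
    return lines


if __name__ == "__main__":
    for ip, count in find_bursts(sample_log()).items():
        print(f"ALERT: {ip} sent {count} login POSTs within {WINDOW_SECONDS}s")
```

The detector only flags request volume, so it is a triage signal rather than proof of exploitation; the point is that the repeated-request shape described in the report is visible in ordinary access logs even where the request bodies are not, and a low-cost rate check on the login endpoint gives responders something to pivot from while patching is under way.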
