CVE Tools

Description

Denial of service via malformed HTTP/2 requests in NetScaler ADC and NetScaler Gateway if HTTP/2 is enabled in HTTP Profile and associated with the virtual server (of type LB, CS, VPN) or the service configured on NetScaler

In plain language

AI Low urgency

If you use NetScaler ADC or NetScaler Gateway with HTTP/2 turned on, a bad HTTP/2 request could knock the service offline; small businesses should patch, especially if your device is internet-facing.

Executive summary

Denial of service in NetScaler ADC/Gateway when malformed HTTP/2 requests are processed while HTTP/2 is enabled in the HTTP Profile and bound to the relevant virtual server/service, potentially exhausting or crashing request handling.

If affected, business impact
Website and app downtimeLogin and access disruptionService interruptions for customers

What to do now

  1. Check whether your NetScaler ADC or NetScaler Gateway has HTTP/2 enabled in the HTTP Profile and is associated with any active load-balancing, content switching, or VPN virtual server/service.
  2. Verify your current software version on the affected NetScaler device (ADC and/or Gateway).
  3. Upgrade to a fixed release: for both ADC and Gateway, move to 72.61 or 63.18 or 37.272 (choose the highest available fixed version that fits your environment).
  4. If you cannot upgrade right away, disable HTTP/2 in the relevant HTTP Profile(s) used by those virtual server/service bindings, then test that client connectivity still works.
Usually a quick update

CVSS Vector Breakdown

AV:NAC:LPR:NUI:NS:UC:NI:NA:H
Exploitability
AV:NAttack Vector
Network
AC:LAttack Complexity
Low
PR:NPrivileges Required
None
UI:NUser Interaction
None
Scope
S:UScope
Unchanged
Impact
C:NConfidentiality
None
I:NIntegrity
None
A:HAvailability
High

Weaknesses

Affected Products

NetScaler
commercial·USaka citrix, netscaler gateway firmware, application delivery controller firmware, xenserver

Exploitability

Official Patch Available

References

2

Unlock Complete Vulnerability Intelligence

Get the full picture for CVE-2026-13474 and every CVE in our database. Create a free account — no credit card required.

Create Free Account
Plain-language analysis
Impact assessment and exploitation scenario in plain English
Attack graph visualization
Interactive attack path and kill chain mapping
Exploit details & PoC links
ExploitDB, Metasploit, GitHub PoCs with direct links
Nuclei scanner templates
Ready-to-use vulnerability scanner templates
Full remediation guide
Patch instructions, workarounds, and compliance impact
Interactive AI chat
Ask questions about this vulnerability in natural language
Related vulnerabilities
Semantically similar CVEs and attack patterns
REST API & MCP access
Integrate vulnerability data into your workflows