Citrix has disclosed a critical vulnerability in NetScaler products (CVSS 9.1) that allows unauthenticated remote attackers to extract sensitive information from internet-facing appliances without any credentials. Organizations running NetScaler ADC or Gateway as perimeter infrastructure face direct exposure risk; a second vulnerability in the same advisory compounds the attack surface. Citrix has issued an urgent patch advisory (CTX696300) and immediate remediation is required to prevent credential or configuration data exposure.