vulnerability

Citrix Gateway/Application Delivery Controller: CVE-2022-27518: Unauthenticated remote arbitrary code execution

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
8	(AV:N/AC:L/Au:N/C:C/I:C/A:C)	Dec 13, 2022	Dec 13, 2022	Dec 14, 2022

Severity

CVSS

(AV:N/AC:L/Au:N/C:C/I:C/A:C)

Published

Dec 13, 2022

Added

Dec 13, 2022

Modified

Dec 14, 2022

Description

A vulnerability has been discovered in Citrix Gateway and Citrix ADC (formerly known as NetScaler ADC), that, if exploited, could allow an unauthenticated remote attacker to perform arbitrary code execution on the appliance.

Solutions

citrix-adc-upgrade-12_1_65_25citrix-adc-upgrade-13_0_58_32

References

CVE-2022-27518
https://attackerkb.com/topics/CVE-2022-27518
https://support.citrix.com/article/CTX474995/citrix-adc-and-citrix-gateway-security-bulletin-for-cve202227518

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report