Severity Rating: CRITICAL
Software Affected
Citrix ADC and Citrix Gateway 13.0 before 13.0-58.32
Citrix ADC and Citrix Gateway 12.1 before 12.1-65.25
Citrix ADC 12.1-FIPS before 12.1-55.291
Citrix ADC 12.1-NDcPP before 12.1-55.291
Overview
A vulnerability exists in Citrix Gateway and Citrix ADC which could allow an unauthenticated remote attacker to execute arbitrary code on the targeted system.
Description
This vulnerability exists in Citrix Gateway and Citrix ADC due to improper control of a resource through its lifetime. An attacker could exploit this vulnerability by sending a specially crafted request to the affected system.
Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the targeted system.
Note: It has been reported that the vulnerability is exploited in the wild.
Solution
Updates are available to download for Citrix ADC and Citrix Gateway.
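To decide which appliances need the update, the list under Software Affected can be turned into an inventory check. The following is an added example, not code from this advisory or from Citrix; the host names, the inventory and the `NS13.0: Build 58.32.nc` banner format are assumptions, while the fixed builds are the ones listed above.

```python
import re

# Fixed builds from the "Software Affected" list in this advisory:
# (release branch, edition) -> first build that is no longer affected.
FIXED_BUILDS = {
    ("13.0", "standard"): (58, 32),
    ("12.1", "standard"): (65, 25),
    ("12.1", "FIPS"): (55, 291),
    ("12.1", "NDcPP"): (55, 291),
}

# Accepts "13.0-58.30" (the advisory's notation) and, as an assumption,
# banner-style strings such as "NS13.0: Build 58.30.nc".
_VERSION_RE = re.compile(r"(\d+\.\d+)\s*(?:-|:\s*Build\s+)(\d+)\.(\d+)", re.I)


def parse_build(text):
    """Return (branch, (build_major, build_minor)) or raise ValueError."""
    m = _VERSION_RE.search(text)
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    return m.group(1), (int(m.group(2)), int(m.group(3)))


def assess(version_text, edition="standard"):
    """Classify one appliance as 'affected', 'fixed' or 'not-listed'."""
    branch, build = parse_build(version_text)
    fixed = FIXED_BUILDS.get((branch, edition))
    if fixed is None:
        return "not-listed"  # branch/edition does not appear in this advisory
    # Tuple comparison is numeric, so build 65.4 sorts before 65.25.
    return "affected" if build < fixed else "fixed"


# Constructed inventory (hypothetical hosts): (hostname, version, edition).
INVENTORY = [
    ("adc-edge-01", "13.0-58.30", "standard"),
    ("adc-edge-02", "NS13.0: Build 58.32.nc", "standard"),
    ("adc-dmz-01", "12.1-65.4", "standard"),
    ("adc-fips-01", "12.1-55.289", "FIPS"),
    ("adc-lab-01", "11.1-65.12", "standard"),
]


def audit(inventory):
    """Map each hostname to its assessment."""
    return {host: assess(ver, ed) for host, ver, ed in inventory}


if __name__ == "__main__":
    for host, status in audit(INVENTORY).items():
        print(f"{host}: {status}")
```

The edition has to come from the inventory, because a 12.1 build number alone does not say whether the appliance is a FIPS or NDcPP build.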
Vendor Information
Citrix
References
Citrix
CVE Name
CVE-2022-27518
About Cert Advisory
We have created this blog to provide the latest security advisories from the India CERT on security vulnerabilities, threats, attacks and the patching required to mitigate cyber attacks.