Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
9.8
CVSSv3

CVE-2022-27518

Published: 13/12/2022 Updated: 18/10/2023
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 0
Subscribe to Citrix

Vulnerability Summary

Unauthenticated remote arbitrary code execution

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

citrix application_delivery_controller_firmware

citrix gateway_firmware

Github Repositories

https://github.com/Smarttech247PT/citrix_fgateway_fingerprint

citrix gateway fingerprint Python script to identify Citrix Gateway version based on the reserch from fox-it: blogfox-itcom/2022/12/28/cve-2022-27510-cve-2022-27518-measuring-citrix-adc-gateway-version-adoption-on-the-internet/ Usage citrix_fingerprintpy URL provide only root URL, the script will append /vpn/indexhtml itself

https://github.com/dolby360/CVE-2022-27518_POC

A POC on how to exploit CVE-2022-27518

CVE-2022-27518_POC docker pull quayio/citrix/citrix-k8s-cpx-ingress:130-5830 Use the following command to verify if CPX image is installed in docker images docker images | grep 'citrix-k8s-cpx-ingress' Use the following command to create a CPX container instance running in bridge mode doc

https://github.com/securekomodo/citrixInspector

Accurately fingerprint and detect vulnerable (and patched!) versions of Netscaler / Citrix ADC to CVE-2023-3519

CVE-2023-3519 Inspector The cve_2023_3519_inspectorpy is a Python-based vulnerability scanner for detecting the CVE-2023-3519 vulnerability in Citrix Gateways It performs a passive analysis and fingerprinting of target websites to assess their vulnerability based on a series of checks Recent Updates Added functionality to parse the /vpn/pluginlistxml file to determine mor

Recent Articles

Microsoft ain't the only one squashing exploited-in-the-wild bugs this month
The Register

Topics Security Off-Prem On-Prem Software Offbeat Vendor Voice Vendor Voice Resources Plus there's a PoC for this unpatched Cisco bug

Patch Tuesday For its final Patch Tuesday of the year, Microsoft fixed one bug that's already been exploited in the wild – and another that's publicly known. That brings its total for December to 49 patched vulnerabilities, six of which are rated critical. The bug that's listed as exploited-in-the-wild is tracked as CVE-2022-44698. It's a Windows SmartScreen security feature bypass vulnerability, and it received a 5.4 CVSS rating. "An attacker can craft a malicious file that would evade Mark o...

Read more...
Citrix patches critical ADC flaw the NSA says is already under attack from China
The Register

Topics Security Off-Prem On-Prem Software Offbeat Vendor Voice Vendor Voice Resources Yet more pain for the software formerly known as NetScaler

The China-linked crime gang APT5 is already attacking a flaw in Citrix's Application Delivery Controller (ADC) and Gateway products that the vendor patched today. Citrix says the flaw, CVE-2022-27518, "could allow an unauthenticated remote attacker to perform arbitrary code execution on the appliance" if it is configured as a SAML service provider or identity provider (SAML SP, SAML IdP). Unusually, Citrix has a policy of not revealing the Common Vulnerability Scoring System (CVSS) scores for it...

Read more...

References

NVD-CWE-Otherhttps://support.citrix.com/article/CTX474995https://nvd.nist.govhttps://github.com/Smarttech247PT/citrix_fgateway_fingerprinthttps://github.com/dolby360/CVE-2022-27518_POChttps://www.theregister.co.uk/2022/12/14/microsoft_december_patch_tuesday/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-38298CVE-2024-20356CVE-2023-21987CVE-2024-33217bypassCVE-2024-31804CVE-2024-32660unauthorizedSSRF
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook