Citrix ADC Gateway - Remote Code Execution (CVE-2023-3519)

Citrix ADC Gateway is vulnerable to CVE-2023-3519, a Remote Code Execution vulnerability. The root cause of this vulnerability is a stack overflow caused by the inexistence of any bound checks when a SAML payload is parsed into a struct containing the relevant details. This vulnerability allows an unauthenticated remote attacker to gain Remote Code Execution.

思杰系统ADC网关易受CVE-2023-3519漏洞影响，该漏洞属于远程代码执行漏洞。该漏洞的根本原因在于，在将SAML有效载荷解析为包含相关细节的结构时，缺少边界检查，导致栈溢出。此漏洞使得未经身份验证的远程攻击者能够实现远程代码执行。