Citrix ADC Gateway - Remote Code Execution (CVE-2022-27518)

CVE-2022-27518 is a Remote Code Execution vulnerability affecting Citrix ADC Gateway. This vulnerability allows an unauthenticated remote attacker to gain remote code execution on a device runnig Citrix ADC or Citrix Gateway when configured as a SAML service provider or SAML identity provider. We have detected this vulnerability by sending crafted requests to the target and obtaining a hash that we managed to map to an exact version of Citrix ADC.

CVE-2022-27518系影响Citrix ADC Gateway的远程代码执行漏洞。该漏洞使得未经身份验证的远程攻击者能够在将Citrix ADC或Citrix Gateway配置为SAML服务提供者或SAML身份提供者时，在运行Citrix ADC的设备上实现远程代码执行。我方通过向目标发送精心制作的请求并获取一个成功映射至Citrix ADC确切版本的散列值，从而检测到了该漏洞。