{"id":22517,"date":"2022-12-15T09:15:00","date_gmt":"2022-12-15T09:15:00","guid":{"rendered":"https:\/\/nsfocusglobal.com\/?p=22517"},"modified":"2022-12-15T09:15:00","modified_gmt":"2022-12-15T09:15:00","slug":"citrix-adc-and-citrix-gateway-remote-code-execution-vulnerability-cve-2022-27518","status":"publish","type":"post","link":"https:\/\/nsfocusglobal.com\/pt-br\/citrix-adc-and-citrix-gateway-remote-code-execution-vulnerability-cve-2022-27518\/","title":{"rendered":"Citrix ADC and Citrix Gateway Remote Code Execution Vulnerability (CVE-2022-27518)"},"content":{"rendered":"\n<h2 class=\"wp-block-heading\">Overview<\/h2>\n\n\n\n<p>On December 14, NSFOCUS CERT detected that Citrix officially released a remote code execution vulnerability (CVE-2022-27518) in Citrix ADC and Gateway. Due to deficiencies in the system&#8217;s control over the lifecycle of resources, an unauthenticated remote attacker could exploit this vulnerability to execute arbitrary code on a target system when Citrix ADC and Citrix Gateway are configured as a Security Assertion Markup Language (SAML) Service Provider (SP) or SAML Identity Provider (IdP) . The CVSS score is 9.8. At present, it has been exploited in the wild. Relevant users are requested to take protective measures as soon as possible.<\/p>\n\n\n\n<p>Citrix ADC can provide the most comprehensive function and load balancing solutions for virtualized advanced Web and application, and remote access services. Citrix Gateway is a secure remote access solution that provides a secure remote access solution with multiple Identity and Access Management (IdAM) features.<\/p>\n\n\n\n<p>Reference link:<\/p>\n\n\n\n<p><a href=\"https:\/\/support.citrix.com\/article\/CTX474995\/citrix-adc-and-citrix-gateway-security-bulletin-for-cve202227518\">https:\/\/support.citrix.com\/article\/CTX474995\/citrix-adc-and-citrix-gateway-security-bulletin-for-cve202227518<\/a><\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Scope of Impact<\/h2>\n\n\n\n<p><strong>Affected version<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Citrix ADC and Citrix Gateway 13.0-x &lt; 13.0-58.32<\/li><li>Citrix ADC and\u202fCitrix\u202fGateway\u202f12.1-x\u202f&lt;\u202f12.1-65.25<\/li><li>Citrix ADC 12.1-FIPS &lt; 12.1-55.291<\/li><li>Citrix ADC 12.1-NDcPP &lt; 12.1-55.291<\/li><\/ul>\n\n\n\n<p><strong>Unaffected version<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Citrix ADC and Citrix Gateway &gt;= 13.0-58.32<\/li><li>Citrix ADC and\u202fCitrix\u202fGateway\u202f&gt;=\u202f12.1-65.25<\/li><li>Citrix ADC 12.1-FIPS &gt;= 12.1-55.291<\/li><li>Citrix ADC 12.1-NDcPP &gt;= 12.1-55.291<\/li><\/ul>\n\n\n\n<h2 class=\"wp-block-heading\">Detection<\/h2>\n\n\n\n<p>Users can check the ns.conf file to determine whether it is configured as SAML SP or SAML IdP. If any of the following instructions appears and is an affected version, it may be affected by this vulnerability and needs to be updated immediately:<\/p>\n\n\n\n<div class=\"wp-block-group has-cyan-bluish-gray-background-color has-background\"><div class=\"wp-block-group__inner-container is-layout-flow wp-block-group-is-layout-flow\">\n<p>add authentication samlAction <\/p>\n\n\n\n<p>add authentication samlIdPProfile<\/p>\n<\/div><\/div>\n\n\n\n<p>Users can also verify the malware used by the attackers in this campaign via the following YARA signature:<\/p>\n\n\n\n<div class=\"wp-block-group has-cyan-bluish-gray-background-color has-background\"><div class=\"wp-block-group__inner-container is-layout-flow wp-block-group-is-layout-flow\">\n<p>rule tricklancer_a {<\/p>\n\n\n\n<p>&nbsp;strings:<\/p>\n\n\n\n<p>&nbsp;$str1 = &#8220;\/\/var\/\/log\/\/ns.log&#8221; nocase ascii wide<\/p>\n\n\n\n<p>&nbsp;$str2 = &#8220;\/\/var\/\/log\/\/cron&#8221; nocase ascii wide<\/p>\n\n\n\n<p>&nbsp;$str3 = &#8220;\/\/var\/\/log\/\/auth.log&#8221; nocase ascii wide<\/p>\n\n\n\n<p>&nbsp;$str4 = &#8220;\/\/var\/\/log\/\/httpaccess-vpn.log&#8221; nocase ascii wide<\/p>\n\n\n\n<p>&nbsp;$str5 = &#8220;\/\/var\/\/log\/\/nsvpn.log&#8221; nocase ascii wide<\/p>\n\n\n\n<p>&nbsp;$str6 = &#8220;TF:YYYYMMddhhmmss&#8221; nocase ascii wide<\/p>\n\n\n\n<p>&nbsp;$str7 = &#8220;\/\/var\/\/log\/\/lastlog&#8221; nocase ascii wide<\/p>\n\n\n\n<p>&nbsp;$str8 = &#8220;clear_utmp&#8221; nocase ascii wide<\/p>\n\n\n\n<p>&nbsp;$str9 = &#8220;clear_text_http&#8221; nocase ascii wide<\/p>\n\n\n\n<p>condition:<\/p>\n\n\n\n<p>&nbsp;7 of ($str*)<\/p>\n\n\n\n<p>}<\/p>\n\n\n\n<p>rule tricklancer_b {<\/p>\n\n\n\n<p>&nbsp;strings:<\/p>\n\n\n\n<p>&nbsp;$str1 = &#8220;nsppe&#8221; nocase ascii wide<\/p>\n\n\n\n<p>&nbsp;$str2 = &#8220;pb_policy -h nothing&#8221; nocase ascii wide<\/p>\n\n\n\n<p>&nbsp;$str3 = &#8220;pb_policy -d&#8221; nocase ascii wide<\/p>\n\n\n\n<p>&nbsp;$str4 = &#8220;findProcessListByName&#8221; nocase ascii wide<\/p>\n\n\n\n<p>&nbsp;$str5 = &#8220;restoreStateAndDetach&#8221; nocase ascii wide<\/p>\n\n\n\n<p>&nbsp;$str6 = &#8220;checktargetsig&#8221; nocase ascii wide<\/p>\n\n\n\n<p>&nbsp;$str7 = &#8220;DoInject&#8221; nocase ascii wide<\/p>\n\n\n\n<p>&nbsp;$str8 = &#8220;DoUnInject&#8221; nocase ascii wide<\/p>\n\n\n\n<p>&nbsp;condition:<\/p>\n\n\n\n<p>&nbsp;7 of ($str*)<\/p>\n\n\n\n<p>}<\/p>\n\n\n\n<p>rule tricklancer_c {<\/p>\n\n\n\n<p>&nbsp;strings:<\/p>\n\n\n\n<p>&nbsp;$str1 = &#8220;is_path_traversal_or_vpns_attack_request&#8221; nocase ascii wide<\/p>\n\n\n\n<p>&nbsp;$str2 = &#8220;ns_vpn_process_unauthenticated_request&#8221; nocase ascii wide<\/p>\n\n\n\n<p>&nbsp;$str3 = &#8220;mmapshell&#8221; nocase ascii wide<\/p>\n\n\n\n<p>&nbsp;$str4 = &#8220;DoUnInject&#8221; nocase ascii wide<\/p>\n\n\n\n<p>&nbsp;$str5 = &#8220;CalcDistanse&#8221; nocase ascii wide<\/p>\n\n\n\n<p>&nbsp;$str6 = &#8220;checkMyData&#8221; nocase ascii wide<\/p>\n\n\n\n<p>&nbsp;$str7 = &#8220;vpn_location_url_len&#8221; nocase ascii wide<\/p>\n\n\n\n<p>condition:<\/p>\n\n\n\n<p>&nbsp;5 of ($str*) &nbsp;}<\/p>\n<\/div><\/div>\n\n\n\n<p>If users find problems through the above detection methods, they can alleviate them through the following measures:<\/p>\n\n\n\n<p>(1) Move all Citrix ADC instances behind a VPN or other feature where authentication (preferably multi-factor) exists before accessing Citrix ADC.<\/p>\n\n\n\n<p>(2) Isolate the Citrix ADC appliance from the environment.<\/p>\n\n\n\n<p>(3) Restore Citrix ADC to a secure configuration state.<\/p>\n\n\n\n<p>Reference link: <a href=\"https:\/\/media.defense.gov\/2022\/Dec\/13\/2003131586\/-1\/-1\/0\/CSA-APT5-CITRIXADC-V1.PDF&nbsp;\">https:\/\/media.defense.gov\/2022\/Dec\/13\/2003131586\/-1\/-1\/0\/CSA-APT5-CITRIXADC-V1.PDF<\/a><\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Mitigation<\/h2>\n\n\n\n<p>At present, the official security version has been released to fix this vulnerability. It is recommended that affected users upgrade their protection in time:<\/p>\n\n\n\n<p><a href=\"https:\/\/www.citrix.com\/downloads\/citrix-adc\/\">https:\/\/www.citrix.com\/downloads\/citrix-adc\/<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/www.citrix.com\/downloads\/citrix-gateway\/\">https:\/\/www.citrix.com\/downloads\/citrix-gateway\/<\/a><\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Statement<\/h2>\n\n\n\n<p>This advisory is only used to describe a potential risk. NSFOCUS does not provide any commitment or promise on this advisory. NSFOCUS and the author will not bear any liability for any direct and\/or indirect consequences and losses caused by transmitting and\/or using this advisory. NSFOCUS reserves all the rights to modify and interpret this advisory. Please include this statement paragraph when reproducing or transferring this advisory. Do not modify this advisory, add\/delete any information to\/from it, or use this advisory for commercial purposes without permission from NSFOCUS.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">About NSFOCUS<\/h2>\n\n\n\n<p>NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks. The company\u2019s Intelligent Hybrid Security strategy utilizes both cloud and on-premises security platforms, built on a foundation of real-time global threat intelligence, to provide multi-layered, unified and dynamic protection against advanced cyber attacks.<\/p>\n\n\n\n<p>NSFOCUS works with Fortune Global 500 companies, including four of the world\u2019s five largest financial institutions, organizations in insurance, retail, healthcare, critical infrastructure industries as well as government agencies. NSFOCUS has technology and channel partners in more than 60 countries, is a member of both the Microsoft Active Protections Program (MAPP), and the Cloud Security Alliance (CSA).<\/p>\n\n\n\n<p>A wholly owned subsidiary of NSFOCUS Technologies Group Co., Ltd., the company has operations in the Americas, Europe, the Middle East and Asia Pacific.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Overview On December 14, NSFOCUS CERT detected that Citrix officially released a remote code execution vulnerability (CVE-2022-27518) in Citrix ADC and Gateway. Due to deficiencies in the system&#8217;s control over the lifecycle of resources, an unauthenticated remote attacker could exploit this vulnerability to execute arbitrary code on a target system when Citrix ADC and Citrix [&hellip;]<\/p>\n","protected":false},"author":6,"featured_media":12239,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_coblocks_attr":"","_coblocks_dimensions":"","_coblocks_responsive_height":"","_coblocks_accordion_ie_support":"","footnotes":""},"categories":[6],"tags":[133,134,229],"class_list":["post-22517","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-emergency-response","tag-citrix-adc","tag-citrix-gateway","tag-cve-2022-27518"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.4 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Citrix ADC and Citrix Gateway Remote Code Execution Vulnerability (CVE-2022-27518) - NSFOCUS<\/title>\n<meta name=\"robots\" content=\"noindex, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<meta property=\"og:locale\" content=\"pt_BR\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Citrix ADC and Citrix Gateway Remote Code Execution Vulnerability (CVE-2022-27518) - NSFOCUS\" \/>\n<meta property=\"og:description\" content=\"Overview On December 14, NSFOCUS CERT detected that Citrix officially released a remote code execution vulnerability (CVE-2022-27518) in Citrix ADC and\" \/>\n<meta property=\"og:url\" content=\"https:\/\/nsfocusglobal.com\/citrix-adc-and-citrix-gateway-remote-code-execution-vulnerability-cve-2022-27518\/\" \/>\n<meta property=\"og:site_name\" content=\"NSFOCUS\" \/>\n<meta property=\"article:published_time\" content=\"2022-12-15T09:15:00+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2020\/11\/citrix.jpg\" \/>\n<meta name=\"author\" content=\"Jie Ji\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:title\" content=\"Citrix ADC and Citrix Gateway Remote Code Execution Vulnerability (CVE-2022-27518) - NSFOCUS\" \/>\n<meta name=\"twitter:description\" content=\"Overview On December 14, NSFOCUS CERT detected that Citrix officially released a remote code execution vulnerability (CVE-2022-27518) in Citrix ADC and\" \/>\n<meta name=\"twitter:image\" content=\"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2020\/11\/citrix.jpg\" \/>\n<meta name=\"twitter:label1\" content=\"Escrito por\" \/>\n\t<meta name=\"twitter:data1\" content=\"Jie Ji\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. tempo de leitura\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutos\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/citrix-adc-and-citrix-gateway-remote-code-execution-vulnerability-cve-2022-27518\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/citrix-adc-and-citrix-gateway-remote-code-execution-vulnerability-cve-2022-27518\\\/\"},\"author\":{\"name\":\"Jie Ji\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/#\\\/schema\\\/person\\\/1077d8fcd7e52c96f17a33b63a0d157b\"},\"headline\":\"Citrix ADC and Citrix Gateway Remote Code Execution Vulnerability (CVE-2022-27518)\",\"datePublished\":\"2022-12-15T09:15:00+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/citrix-adc-and-citrix-gateway-remote-code-execution-vulnerability-cve-2022-27518\\\/\"},\"wordCount\":829,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/citrix-adc-and-citrix-gateway-remote-code-execution-vulnerability-cve-2022-27518\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/nsfocusglobal.com\\\/wp-content\\\/uploads\\\/2020\\\/11\\\/citrix.jpg\",\"keywords\":[\"Citrix ADC\",\"Citrix Gateway\",\"CVE-2022-27518\"],\"articleSection\":[\"Emergency Response\"],\"inLanguage\":\"pt-BR\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/nsfocusglobal.com\\\/citrix-adc-and-citrix-gateway-remote-code-execution-vulnerability-cve-2022-27518\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/citrix-adc-and-citrix-gateway-remote-code-execution-vulnerability-cve-2022-27518\\\/\",\"url\":\"https:\\\/\\\/nsfocusglobal.com\\\/citrix-adc-and-citrix-gateway-remote-code-execution-vulnerability-cve-2022-27518\\\/\",\"name\":\"Citrix ADC and Citrix Gateway Remote Code Execution Vulnerability (CVE-2022-27518) - NSFOCUS\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/citrix-adc-and-citrix-gateway-remote-code-execution-vulnerability-cve-2022-27518\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/citrix-adc-and-citrix-gateway-remote-code-execution-vulnerability-cve-2022-27518\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/nsfocusglobal.com\\\/wp-content\\\/uploads\\\/2020\\\/11\\\/citrix.jpg\",\"datePublished\":\"2022-12-15T09:15:00+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/citrix-adc-and-citrix-gateway-remote-code-execution-vulnerability-cve-2022-27518\\\/#breadcrumb\"},\"inLanguage\":\"pt-BR\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/nsfocusglobal.com\\\/citrix-adc-and-citrix-gateway-remote-code-execution-vulnerability-cve-2022-27518\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"pt-BR\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/citrix-adc-and-citrix-gateway-remote-code-execution-vulnerability-cve-2022-27518\\\/#primaryimage\",\"url\":\"https:\\\/\\\/nsfocusglobal.com\\\/wp-content\\\/uploads\\\/2020\\\/11\\\/citrix.jpg\",\"contentUrl\":\"https:\\\/\\\/nsfocusglobal.com\\\/wp-content\\\/uploads\\\/2020\\\/11\\\/citrix.jpg\",\"width\":500,\"height\":188,\"caption\":\"Citrix logo in black lowercase letters.\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/citrix-adc-and-citrix-gateway-remote-code-execution-vulnerability-cve-2022-27518\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/nsfocusglobal.com\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Citrix ADC and Citrix Gateway Remote Code Execution Vulnerability (CVE-2022-27518)\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/#website\",\"url\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/\",\"name\":\"NSFOCUS\",\"description\":\"Security Made Smart and Simple\",\"publisher\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"pt-BR\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/#organization\",\"name\":\"NSFOCUS\",\"url\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"pt-BR\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/nsfocusglobal.com\\\/wp-content\\\/uploads\\\/2024\\\/08\\\/logo-ns.png\",\"contentUrl\":\"https:\\\/\\\/nsfocusglobal.com\\\/wp-content\\\/uploads\\\/2024\\\/08\\\/logo-ns.png\",\"width\":248,\"height\":36,\"caption\":\"NSFOCUS\"},\"image\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/#\\\/schema\\\/person\\\/1077d8fcd7e52c96f17a33b63a0d157b\",\"name\":\"Jie Ji\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"pt-BR\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/61cb438513c138ce3f1f49e3485f113a0215220de5e284a2bd4e85358f6c8d02?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/61cb438513c138ce3f1f49e3485f113a0215220de5e284a2bd4e85358f6c8d02?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/61cb438513c138ce3f1f49e3485f113a0215220de5e284a2bd4e85358f6c8d02?s=96&d=mm&r=g\",\"caption\":\"Jie Ji\"},\"url\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/author\\\/jji\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Citrix ADC and Citrix Gateway Remote Code Execution Vulnerability (CVE-2022-27518) - NSFOCUS","robots":{"index":"noindex","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"og_locale":"pt_BR","og_type":"article","og_title":"Citrix ADC and Citrix Gateway Remote Code Execution Vulnerability (CVE-2022-27518) - NSFOCUS","og_description":"Overview On December 14, NSFOCUS CERT detected that Citrix officially released a remote code execution vulnerability (CVE-2022-27518) in Citrix ADC and","og_url":"https:\/\/nsfocusglobal.com\/citrix-adc-and-citrix-gateway-remote-code-execution-vulnerability-cve-2022-27518\/","og_site_name":"NSFOCUS","article_published_time":"2022-12-15T09:15:00+00:00","og_image":[{"url":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2020\/11\/citrix.jpg","type":"","width":"","height":""}],"author":"Jie Ji","twitter_card":"summary_large_image","twitter_title":"Citrix ADC and Citrix Gateway Remote Code Execution Vulnerability (CVE-2022-27518) - NSFOCUS","twitter_description":"Overview On December 14, NSFOCUS CERT detected that Citrix officially released a remote code execution vulnerability (CVE-2022-27518) in Citrix ADC and","twitter_image":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2020\/11\/citrix.jpg","twitter_misc":{"Escrito por":"Jie Ji","Est. tempo de leitura":"4 minutos"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/nsfocusglobal.com\/citrix-adc-and-citrix-gateway-remote-code-execution-vulnerability-cve-2022-27518\/#article","isPartOf":{"@id":"https:\/\/nsfocusglobal.com\/citrix-adc-and-citrix-gateway-remote-code-execution-vulnerability-cve-2022-27518\/"},"author":{"name":"Jie Ji","@id":"https:\/\/nsfocusglobal.com\/pt-br\/#\/schema\/person\/1077d8fcd7e52c96f17a33b63a0d157b"},"headline":"Citrix ADC and Citrix Gateway Remote Code Execution Vulnerability (CVE-2022-27518)","datePublished":"2022-12-15T09:15:00+00:00","mainEntityOfPage":{"@id":"https:\/\/nsfocusglobal.com\/citrix-adc-and-citrix-gateway-remote-code-execution-vulnerability-cve-2022-27518\/"},"wordCount":829,"commentCount":0,"publisher":{"@id":"https:\/\/nsfocusglobal.com\/pt-br\/#organization"},"image":{"@id":"https:\/\/nsfocusglobal.com\/citrix-adc-and-citrix-gateway-remote-code-execution-vulnerability-cve-2022-27518\/#primaryimage"},"thumbnailUrl":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2020\/11\/citrix.jpg","keywords":["Citrix ADC","Citrix Gateway","CVE-2022-27518"],"articleSection":["Emergency Response"],"inLanguage":"pt-BR","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/nsfocusglobal.com\/citrix-adc-and-citrix-gateway-remote-code-execution-vulnerability-cve-2022-27518\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/nsfocusglobal.com\/citrix-adc-and-citrix-gateway-remote-code-execution-vulnerability-cve-2022-27518\/","url":"https:\/\/nsfocusglobal.com\/citrix-adc-and-citrix-gateway-remote-code-execution-vulnerability-cve-2022-27518\/","name":"Citrix ADC and Citrix Gateway Remote Code Execution Vulnerability (CVE-2022-27518) - NSFOCUS","isPartOf":{"@id":"https:\/\/nsfocusglobal.com\/pt-br\/#website"},"primaryImageOfPage":{"@id":"https:\/\/nsfocusglobal.com\/citrix-adc-and-citrix-gateway-remote-code-execution-vulnerability-cve-2022-27518\/#primaryimage"},"image":{"@id":"https:\/\/nsfocusglobal.com\/citrix-adc-and-citrix-gateway-remote-code-execution-vulnerability-cve-2022-27518\/#primaryimage"},"thumbnailUrl":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2020\/11\/citrix.jpg","datePublished":"2022-12-15T09:15:00+00:00","breadcrumb":{"@id":"https:\/\/nsfocusglobal.com\/citrix-adc-and-citrix-gateway-remote-code-execution-vulnerability-cve-2022-27518\/#breadcrumb"},"inLanguage":"pt-BR","potentialAction":[{"@type":"ReadAction","target":["https:\/\/nsfocusglobal.com\/citrix-adc-and-citrix-gateway-remote-code-execution-vulnerability-cve-2022-27518\/"]}]},{"@type":"ImageObject","inLanguage":"pt-BR","@id":"https:\/\/nsfocusglobal.com\/citrix-adc-and-citrix-gateway-remote-code-execution-vulnerability-cve-2022-27518\/#primaryimage","url":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2020\/11\/citrix.jpg","contentUrl":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2020\/11\/citrix.jpg","width":500,"height":188,"caption":"Citrix logo in black lowercase letters."},{"@type":"BreadcrumbList","@id":"https:\/\/nsfocusglobal.com\/citrix-adc-and-citrix-gateway-remote-code-execution-vulnerability-cve-2022-27518\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/nsfocusglobal.com\/"},{"@type":"ListItem","position":2,"name":"Citrix ADC and Citrix Gateway Remote Code Execution Vulnerability (CVE-2022-27518)"}]},{"@type":"WebSite","@id":"https:\/\/nsfocusglobal.com\/pt-br\/#website","url":"https:\/\/nsfocusglobal.com\/pt-br\/","name":"NSFOCUS","description":"Security Made Smart and Simple","publisher":{"@id":"https:\/\/nsfocusglobal.com\/pt-br\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/nsfocusglobal.com\/pt-br\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"pt-BR"},{"@type":"Organization","@id":"https:\/\/nsfocusglobal.com\/pt-br\/#organization","name":"NSFOCUS","url":"https:\/\/nsfocusglobal.com\/pt-br\/","logo":{"@type":"ImageObject","inLanguage":"pt-BR","@id":"https:\/\/nsfocusglobal.com\/pt-br\/#\/schema\/logo\/image\/","url":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2024\/08\/logo-ns.png","contentUrl":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2024\/08\/logo-ns.png","width":248,"height":36,"caption":"NSFOCUS"},"image":{"@id":"https:\/\/nsfocusglobal.com\/pt-br\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/nsfocusglobal.com\/pt-br\/#\/schema\/person\/1077d8fcd7e52c96f17a33b63a0d157b","name":"Jie Ji","image":{"@type":"ImageObject","inLanguage":"pt-BR","@id":"https:\/\/secure.gravatar.com\/avatar\/61cb438513c138ce3f1f49e3485f113a0215220de5e284a2bd4e85358f6c8d02?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/61cb438513c138ce3f1f49e3485f113a0215220de5e284a2bd4e85358f6c8d02?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/61cb438513c138ce3f1f49e3485f113a0215220de5e284a2bd4e85358f6c8d02?s=96&d=mm&r=g","caption":"Jie Ji"},"url":"https:\/\/nsfocusglobal.com\/pt-br\/author\/jji\/"}]}},"_links":{"self":[{"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/posts\/22517","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/users\/6"}],"replies":[{"embeddable":true,"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/comments?post=22517"}],"version-history":[{"count":0,"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/posts\/22517\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/media\/12239"}],"wp:attachment":[{"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/media?parent=22517"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/categories?post=22517"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/tags?post=22517"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}