CVE-2022-27518

CRITICAL KEV

Unauthenticated Remote Code Execution - RCE

Title source: llm

Description

Unauthenticated remote arbitrary code execution

Exploits (1)

nomisec WORKING POC 2 stars
by dolby360 · poc
https://github.com/dolby360/CVE-2022-27518_POC

References (2)

Scores

CVSS v3 9.8
EPSS 0.2769
EPSS Percentile 96.5%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CISA KEV 2022-12-13
VulnCheck KEV 2022-12-13
InTheWild.io 2022-12-13
ENISA EUVD EUVD-2022-32019
CWE
CWE-664
Status published
Products (3)
citrix/application_delivery_controller_firmware 12.1 - 12.1-55.291 (2 CPE variants)
citrix/application_delivery_controller_firmware 12.1 - 12.1-65.25
citrix/gateway_firmware 12.1 - 12.1-65.25
Published Dec 13, 2022
KEV Added Dec 13, 2022
Tracked Since Feb 18, 2026