CVE-2022-27516 – User login brute force protection functionality bypass
https://notcve.org/view.php?id=CVE-2022-27516
User login brute force protection functionality bypass Omisión de la funcionalidad de protección de fuerza bruta de inicio de sesión de usuario • https://support.citrix.com/article/CTX463706/citrix-gateway-and-citrix-adc-security-bulletin-for-cve202227510-cve202227513-and-cve202227516 • CWE-307: Improper Restriction of Excessive Authentication Attempts CWE-693: Protection Mechanism Failure •
CVE-2022-27510 – Unauthorized access to Gateway user capabilities
https://notcve.org/view.php?id=CVE-2022-27510
Unauthorized access to Gateway user capabilities Acceso no autorizado a las capacidades del usuario de Gateway • https://support.citrix.com/article/CTX463706/citrix-gateway-and-citrix-adc-security-bulletin-for-cve202227510-cve202227513-and-cve202227516 • CWE-287: Improper Authentication CWE-288: Authentication Bypass Using an Alternate Path or Channel •
CVE-2022-27513 – Remote desktop takeover via phishing
https://notcve.org/view.php?id=CVE-2022-27513
Remote desktop takeover via phishing Adquisición de escritorio remoto mediante phishing • https://support.citrix.com/article/CTX463706/citrix-gateway-and-citrix-adc-security-bulletin-for-cve202227510-cve202227513-and-cve202227516 • CWE-345: Insufficient Verification of Data Authenticity •
CVE-2022-27509 – Unauthenticated redirection to a malicious website
https://notcve.org/view.php?id=CVE-2022-27509
Unauthenticated redirection to a malicious website Un redireccionamiento no autenticado a un sitio web malicioso • https://support.citrix.com/article/CTX457836 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVE-2019-19781 – Citrix ADC, Gateway, and SD-WAN WANOP Appliance Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2019-19781
An issue was discovered in Citrix Application Delivery Controller (ADC) and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0. They allow Directory Traversal. Se descubrió un problema en Citrix Application Delivery Controller (ADC) and Gateway versiones 10.5, 11.1, 12.0, 12.1 y 13.0. Permiten un salto de directorio. Citrix ADC, Citrix Gateway, and multiple Citrix SD-WAN WANOP appliance models contain an unspecified vulnerability that could allow an unauthenticated attacker to perform code execution. • https://www.exploit-db.com/exploits/47930 https://www.exploit-db.com/exploits/47913 https://www.exploit-db.com/exploits/47901 https://github.com/projectzeroindia/CVE-2019-19781 https://github.com/mpgn/CVE-2019-19781 https://github.com/jas502n/CVE-2019-19781 https://github.com/mandiant/ioc-scanner-CVE-2019-19781 https://github.com/citrix/ioc-scanner-CVE-2019-19781 https://github.com/haxrob/CVE-2019-19781 https://github.com/aqhmal/CVE-2019-19781 https://github.com • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •