CVE-2022-27518CISA KEVEPSS p93.3%

CVE-2022-27518Citrix Application Delivery Controller (ADC) and Gateway Authentication Bypass Vulnerability

Citrix / Application Delivery Controller (ADC) and Gateway

Description

Citrix Application Delivery Controller (ADC) and Gateway, when configured with SAML SP or IdP configuration, contain an authentication bypass vulnerability that allows an attacker to execute code as administrator.

Scoring

EPSS6.93% probability of exploitation · percentile 93.3% · 2026-06-18T12:00:27Z

CISA KEV entry

Added to KEV: 2022-12-13

(incoming)1

TypeTargetConfidenceTier
KEVEntryCitrix Application Delivery Controller (ADC) and Gateway Authentication Bypass Vulnerabilitykev-cve-2022-275180%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
Citrix NetScaler ADC and NetScaler Gateway Code Injection Vulnerability
CVE
Citrix ADC, Gateway, and SD-WAN WANOP Appliance Authorization Bypass Vulnerability
CVE
Citrix ADC, Gateway, and SD-WAN WANOP Appliance Code Execution Vulnerability
CVE
CVE-2025-8310
CVE
Citrix NetScaler ADC and NetScaler Gateway Buffer Overflow Vulnerability
CVE
Citrix NetScaler ADC and Gateway Buffer Overflow Vulnerability
Sourced from NVD + CISA KEV + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.