Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2011-2882 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Citrix Access Gateway

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer5 documents5 sources

Severity

9.3CRITICALNVD

EPSS

75.8%

top 1.09%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Citrix Access Gateway

Timeline

PublishedJul 21

Latest updateMay 17

Description

Stack-based buffer overflow in the NSEPA.NsepaCtrl.1 ActiveX control in nsepa.ocx in Citrix Access Gateway Enterprise Edition 8.1 before 8.1-67.7, 9.0 before 9.0-70.5, and 9.1 before 9.1-96.4 allows remote attackers to execute arbitrary code via crafted HTTP header data.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages1 packages

▶NVDcitrix/access_gateway8.1, 9.0, 9.1+2

🔴Vulnerability Details

GHSA

GHSA-cwj2-353m-w5fv: Stack-based buffer overflow in the NSEPA↗2022-05-17

▶

💥Exploits & PoCs

Exploit-DB

Citrix Gateway - ActiveX Control Stack Buffer Overflow (Metasploit)↗2011-08-31

▶

Metasploit

Citrix Gateway ActiveX Control Stack Based Buffer Overflow Vulnerability↗

▶

📋Vendor Advisories

Citrix

CVE-2011-2882: Stack-based buffer overflow in the NSEPA.NsepaCtrl.1 ActiveX control in nsepa.ocx in Citrix Access Gateway Enterprise Edition 8.1 before 8.1-67.7, 9.0↗2011-07-21

▶