Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2023-4966 PoC — Citrix Systems NetScaler ADC和NetScaler Gateway 安全漏洞

Source
https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/citrix/citrix-oob-memory-read.yaml
Associated Vulnerability
Title:Citrix Systems NetScaler ADC和NetScaler Gateway 安全漏洞 (CVE-2023-4966)
Description:Citrix Systems Citrix NetScaler Gateway(Citrix Systems Gateway)和Citrix Systems NetScaler ADC都是美国思杰系统(Citrix Systems)公司的产品。Citrix NetScaler Gateway是一套安全的远程接入解决方案。该方案可为管理员提供应用级和数据级管控功能,以实现用户从任何地点远程访问应用和数据。Citrix Systems NetScaler ADC是一个应用程序交付和安全平台。 NetScale
Description
The vulnerability would enable an attacker to remotely obtain sensitive information from a NetScaler appliance configured as a Gateway or AAA virtual server via a very commonly connected Web interface, and without requiring authentication. This bug is nearly identical to the Citrix Bleed vulnerability (CVE-2023-4966), except it is less likely to return highly sensitive information to an attacker.
File Snapshot

 id: citrix-oob-memory-read

info:
  name: Citrix Netscaler ADC & Gateway v13.1-50.23 - Out-Of-Bounds

...
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.