CVE-2023-4966
Unauthenticated sensitive information disclosure
In short
NetScaler ADC and Gateway servers leak sensitive information without requiring authentication when configured in specific modes. This allows attackers to access confidential data directly over the network.
Technical detail
An unauthenticated remote attacker can exploit improper access controls in NetScaler ADC/Gateway (when configured as VPN, ICA Proxy, CVPN, RDP Proxy, or AAA virtual server) to disclose sensitive information via direct network access, with no pre-conditions beyond network reachability.
Summary generated and translated by AI from the official description.
Sensitive information disclosure in NetScaler ADC and NetScaler Gateway when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
public PoCs found — 15
github: github.com/Chocapikk/CVE-2023-4966 ★ 79
github: github.com/dinosn/citrix_cve-2023-4966 ★ 11
github: github.com/RevoltSecurities/CVE-2023-4966 ★ 10
github: github.com/mlynchcogent/CVE-2023-4966-POC ★ 8
github: github.com/certat/citrix-logchecker ★ 5
github: github.com/morganwdavis/overread ★ 2
github: github.com/IceBreakerCode/CVE-2023-4966 ★ 1
github: github.com/vignesh-hp/LockBit-Ransomware-Analysis ★ 0
github: github.com/0xKayala/CVE-2023-4966 ★ 0
github: github.com/s-bt/CVE-2023-4966 ★ 0
github: github.com/byte4RR4Y/CVE-2023-4966 ★ 0
github: github.com/jmussmann/cve-2023-4966-iocs ★ 0
github: github.com/LucasOneZ/CVE-2023-4966 ★ 0
github: github.com/akshthejo/CVE-2023-4966-exploit ★ 0
cve_reference: packetstormsecurity.com/files/175323/Citrix-Bleed-Session-Token-Leakage-Proof-Of-Concept.html (unverified)
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.