CVE-2023-4966CISA KEV: Actively Exploited

Citrix NetScaler ADC and NetScaler Gateway Buffer Overflow Vulnerability

Published Oct 18, 2023·Updated Oct 18, 2023

Description

Citrix NetScaler ADC and NetScaler Gateway contain a buffer overflow vulnerability that allows for sensitive information disclosure when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server.

Public Exploits & PoCs14 found

PoC: citrix_cve-2023-4966

Citrix CVE-2023-4966 from assetnote modified for parallel and file handling

2

PoC: LockBit-Ransomware-Analysis

Threat intelligence and incident response case study on LockBit ransomware exploiting CVE-2023-4966 (Citrix Bleed).

PoC: CVE-2023-4966-exploit

CVE-2023-4966-exploit

PoC: overread

Simulates CVE-2023-4966 Citrix Bleed overread bug

PoC: cve-2023-4966-iocs

Python script to search Citrix NetScaler logs for possible CVE-2023-4966 exploitation.

PoC: CVE-2023-4966

Programm to exploit a range of ip adresses

PoC: CVE-2023-4966

Scripts to get infos

PoC: CVE-2023-4966

An Exploitation script developed to exploit the CVE-2023-4966 bleed citrix information disclosure vulnerability

PoC: citrix-logchecker

Parse citrix netscaler logs to check for signs of CVE-2023-4966 exploitation

PoC: CVE-2023-4966

CVE-2023-4966 - NetScaler ADC and NetScaler Gateway Memory Leak Exploit

PoC: ansible-cve-2023-4966

Ansible Playbook for CVE-2023-4966

PoC: CVE-2023-4966-POC

Proof Of Concept for te NetScaler Vuln

PoC: CVE-2023-4966-POC

Proof Of Concept for te NetScaler Vuln

PoC: CVE-2023-4966

Sensitive information disclosure in NetScaler ADC and NetScaler Gateway when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server.

References

View on NVD Search GitHub Search Google

Get alerted for CVEs like this

Register your stack and get notified within minutes when a matching CVE drops.

Start monitoring free