CVE-2020-7473

In certain situations, all versions of Citrix ShareFile StorageZones aka storage zones Controller, including the most recent 5.10.x releases as of May 2020, allow unauthenticated attackers to access the documents and folders of ShareFile users. NOTE: unlike most CVEs, exploitability depends on th...

Exploit for Improper Access Control in Citrix Sharefile_Storagezones_Controller

Vulnerability Details - CVE: CVE-2021-22941 - Severity...

EUVD-2018-8756

Malware in sbrugna...

EUVD-2019-16761

Malware in sbrugna...

EUVD-2021-10023

Malware in sbrugna...

EUVD-2018-8757

Malware in sbrugna...

EUVD-2019-16762

Malware in sbrugna...

EUVD-2021-10061

Malware in sbrugna...

EUVD-2014-1971

Malware in sbrugna...

EUVD-2020-29813

Malware in sbrugna...

CVE-2021-22891

A missing authorization vulnerability exists in Citrix ShareFile Storage Zones Controller before 5.7.3, 5.8.3, 5.9.3, 5.10.1 and 5.11.18 may allow unauthenticated remote compromise of the Storage Zones Controller...

CVE-2021-22941

Improper Access Control in Citrix ShareFile storage zones controller before 5.11.20 may allow an unauthenticated attacker to remotely compromise the storage zones controller...

CVE-2020-8982

An unauthenticated arbitrary file read issue exists in all versions of Citrix ShareFile StorageZones aka storage zones Controller, including the most recent 5.10.x releases as of May 2020. RCE and file access is granted to everything hosted by ShareFile, be it on-premise or inside Citrix Cloud...

CVE-2020-8983

An arbitrary file write issue exists in all versions of Citrix ShareFile StorageZones aka storage zones Controller, including the most recent 5.10.x releases as of May 2020, which allows remote code execution. RCE and file access is granted to everything hosted by ShareFile, be it on-premise or...

VulnCheck KEV: CVE-2020-8982

An unauthenticated arbitrary file read issue exists in all versions of Citrix ShareFile StorageZones aka storage zones Controller, including the most recent 5.10.x releases as of May 2020. RCE and file access is granted to everything hosted by ShareFile, be it on-premise or inside Citrix...

Citrix ShareFile StorageZones file upload

Added: 08/28/2023 Background ShareFile is a file sharing service. StorageZones are user-maintained storage for ShareFile data. Problem A vulnerability in ShareFile StorageZones Controller allows remote attackers to upload arbitrary files, leading to command execution. Resolution Upgrade to...

Exploit for Improper Access Control in Citrix Sharefile_Storage_Zones_Controller

CVE-2023-24489-poc POC for CVE-2023-24489 with bash. It need...

Citrix ShareFile Documents Unauthenticated Access (CTX559517)

Binary data citrixsharefilecontrollerctx559517dc.nbin...

Patch now! Citrix Sharefile joins the list of actively exploited file sharing software

The Cybersecurity and Infrastructure Security Agency CISA has added a vulnerability to its catalog of know exploited vulnerabilities, based on evidence of active exploitation. This means that Federal Civilian Executive Branch FCEB agencies need to remediate this vulnerability by September 6, 2023...

CISA Adds Citrix ShareFile Flaw to KEV Catalog Due to In-the-Wild Attacks

The U.S. Cybersecurity and Infrastructure Security Agency CISA has added a critical security flaw in Citrix ShareFile storage zones controller to its Known Exploited Vulnerabilities KEV catalog, based on evidence of active in-the-wild exploitation. Tracked as CVE-2023-24489 CVSS score: 9.8, the...