Lucene search
K

18 matches found

Packet Storm
Packet Storm
added 2024/09/01 12:0 a.m.236 views

Citrix ADC (NetScaler) Bleed Scanner

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Citrix ADC NetScaler Bleed Scanner', 'Description' = %q This module scans for a vulnerability that allows a remote, unauthenticated attacker to...

9.4CVSS7.3AI score0.99999EPSS
Exploits15
Malwarebytes
Malwarebytes
added 2023/11/24 7:20 p.m.82 views

Citrix Bleed widely exploited, warn government agencies

In a joint cybersecurity advisory, the Cybersecurity and Infrastructure Security Agency CISA and the Federal Bureau of Investigation FBI, along with other international agencies, warn that ransomware gangs are actively exploiting the Citrix Bleed vulnerability. Affiliates of at least two ransomwa...

5CVSS8.3AI score0.99999EPSS
Exploits15
The Hacker News
The Hacker News
added 2023/11/22 4:49 a.m.116 views

LockBit Ransomware Exploiting Critical Citrix Bleed Vulnerability to Break In

Multiple threat actors, including LockBit ransomware affiliates, are actively exploiting a recently disclosed critical security flaw in Citrix NetScaler application delivery control ADC and Gateway appliances to obtain initial access to target environments. The joint advisory comes from the U.S...

9.4CVSS8.1AI score0.99999EPSS
Exploits15
ICS
ICS
added 2023/11/21 12:0 p.m.184 views

#StopRansomware: LockBit 3.0 Ransomware Affiliates Exploit CVE 2023-4966 Citrix Bleed Vulnerability

SUMMARY Note: This joint Cybersecurity Advisory CSA is part of an ongoing StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors. These StopRansomware advisories include recently and historically observed tactics,...

9.4CVSS9.4AI score0.99999EPSS
Exploits15References55
CISA
CISA
added 2023/11/07 12:0 p.m.24 views

CISA Releases Guidance for Addressing Citrix NetScaler ADC and Gateway Vulnerability CVE-2023-4966, Citrix Bleed

Today, CISA, in response to active, targeted exploitation, released guidance for addressing Citrix NetScaler ADC and Gateway vulnerability CVE-2023-4966. The vulnerability, also known as Citrix Bleed, could allow a cyber actor to take control of an affected system. CISA recommends organizations...

9.4CVSS9.5AI score0.99999EPSS
In wildExploits15References2
Metasploit
Metasploit
added 2023/10/31 7:51 p.m.743 views

Citrix ADC (NetScaler) Bleed Scanner

This module scans for a vulnerability that allows a remote, unauthenticated attacker to leak memory for a target Citrix ADC server. The leaked memory is then scanned for session cookies which can be hijacked if found. Module Options msf use auxiliary/scanner/http/citrixbleedcve20234966 msf...

9.4CVSS7.5AI score0.99999EPSS
Exploits15
GithubExploit
GithubExploit
added 2023/10/29 3:31 p.m.77 views

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Citrix Netscaler_Application_Delivery_Controller

CVE-2023-4966 An Exploitation script developed to exploit the...

9.4CVSS6.9AI score0.99999EPSS
Exploits15
GithubExploit
GithubExploit
added 2023/10/29 3:31 p.m.464 views

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Citrix Netscaler_Application_Delivery_Controller

CVE-2023-4966 An Exploitation script developed to exploit the...

9.4CVSS8.6AI score0.99999EPSS
Exploits15
Rapid7 Blog
Rapid7 Blog
added 2023/10/25 6:18 p.m.79 views

CVE-2023-4966: Exploitation of Citrix NetScaler Information Disclosure Vulnerability

On October 10, 2023, Citrix published an advisory on two vulnerabilities affecting NetScaler ADC and NetScaler Gateway. The more critical of these two issues is CVE-2023-4966, a sensitive information disclosure vulnerability that allows an attacker to read large amounts of memory after the end of...

5CVSS7.1AI score0.99999EPSS
Exploits15
The Hacker News
The Hacker News
added 2023/10/25 4:47 a.m.106 views

Alert: PoC Exploits Released for Citrix and VMware Vulnerabilities

Virtualization services provider VMware has alerted customers to the existence of a proof-of-concept PoC exploit for a recently patched security flaw in Aria Operations for Logs. Tracked as CVE-2023-34051 CVSS score: 8.1, the high-severity vulnerability relates to a case of authentication bypass...

9.8CVSS8.4AI score0.99999EPSS
Exploits16
GithubExploit
GithubExploit
added 2023/10/24 5:19 p.m.488 views

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Citrix Netscaler_Application_Delivery_Controller

CVE-2023-4966 Citrix Memory Leak Exploit 🔒 Leak session token...

9.4CVSS8.7AI score0.99999EPSS
Exploits15
hivepro
hivepro
added 2023/10/20 12:47 p.m.50 views

A Longstanding Zero-Day in Citrix Devices Exploited Since August

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary A zero-day exploit, identified as CVE-2023-4966, has been actively targeting critical vulnerabilities in Citrix NetScaler ADC/Gateway devices since late August 2023. This exploit has the potential...

5CVSS7.3AI score0.99999EPSS
Exploits15
The Hacker News
The Hacker News
added 2023/10/18 12:27 p.m.82 views

Critical Citrix NetScaler Flaw Exploited to Target from Government, Tech Firms

Citrix is warning of exploitation of a recently disclosed critical security flaw in NetScaler ADC and Gateway appliances that could result in exposure of sensitive information. Tracked as CVE-2023-4966 CVSS score: 9.4, the vulnerability impacts the following supported versions - NetScaler ADC and...

9.4CVSS8.1AI score0.99999EPSS
Exploits15
Circl
Circl
added 2023/10/10 6:16 p.m.17 views

CVE-2023-4966

creationtimestamp| type| source ---|---|--- 2023-10-10 18:16:58+00:00| seen| https://t.me/cibsecurity/71957 2023-10-11 04:00:00+00:00| seen| https://www.govcert.gov.hk/en/alertsdetail.php?id=1133 2023-10-11 10:17:06+00:00| seen| https://t.me/itsecnews/3438 2023-10-18 14:01:45+00:00| exploited|...

9.4CVSS6.9AI score0.99999EPSS
In wildExploits15References117
NVD
NVD
added 2023/10/10 2:15 p.m.47 views

CVE-2023-4966

Sensitive information disclosure in NetScaler ADC and NetScaler Gateway when configured as a Gateway VPN virtual server, ICA Proxy, CVPN, RDP Proxy or AAA virtual server...

9.4CVSS9.5AI score0.99999EPSS
Exploits15References3
Cvelist
Cvelist
added 2023/10/10 1:12 p.m.53 views

CVE-2023-4966 Unauthenticated sensitive information disclosure

Sensitive information disclosure in NetScaler ADC and NetScaler Gateway when configured as a Gateway VPN virtual server, ICA Proxy, CVPN, RDP Proxy or AAA virtual server...

9.4CVSS9.3AI score0.99999EPSS
Exploits15References2
Vulnrichment
Vulnrichment
added 2023/10/10 1:12 p.m.19 views

CVE-2023-4966 Unauthenticated sensitive information disclosure

Sensitive information disclosure in NetScaler ADC and NetScaler Gateway when configured as a Gateway VPN virtual server, ICA Proxy, CVPN, RDP Proxy or AAA virtual server...

9.4CVSS8.6AI score0.99999EPSS
Exploits15References2
CVE
CVE
added 2023/10/10 1:12 p.m.1100 views

CVE-2023-4966

CVE-2023-4966 affects Citrix NetScaler ADC and NetScaler Gateway when configured as a Gateway or AAA virtual server. The issue stems from improper usage of snprintf/memory handling in the WebProc/auth pathways, causing memory disclosure via crafted responses and exposing sensitive data (e.g., aut...

9.4CVSS8.6AI score0.99999EPSS
In wildExploits15References3Affected Software2
Rows per page
Query Builder