cve/2023/CVE-2023-4966.md

### [CVE-2023-4966](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4966)
![](https://img.shields.io/static/v1?label=Product&message=NetScaler%20ADC%E2%80%AF&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=NetScaler%20Gateway&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=14.1%3C%208.50%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-119%20Improper%20Restriction%20of%20Operations%20within%20the%20Bounds%20of%20a%20Memory%20Buffer&color=brighgreen)

### Description

Sensitive information disclosure in NetScaler ADC and NetScaler Gateway when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA  virtual server. 

### POC

#### Reference
- http://packetstormsecurity.com/files/175323/Citrix-Bleed-Session-Token-Leakage-Proof-Of-Concept.html

#### Github
- https://github.com/0xKayala/CVE-2023-4966
- https://github.com/B0lg0r0v/citrix-adc-forensics
- https://github.com/B0lg0r0v/citrix-netscaler-forensics
- https://github.com/CerTusHack/Citrix-bleed-Xploit
- https://github.com/Chocapikk/CVE-2023-4966
- https://github.com/EvilGreys/Citrix-BLEED
- https://github.com/IceBreakerCode/CVE-2023-4966
- https://github.com/Ostorlab/KEV
- https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors
- https://github.com/RevoltSecurities/CVE-2023-4966
- https://github.com/Threekiii/Awesome-POC
- https://github.com/Threekiii/CVE
- https://github.com/aleff-github/aleff-github
- https://github.com/aleff-github/my-flipper-shits
- https://github.com/byte4RR4Y/CVE-2023-4966
- https://github.com/certat/citrix-logchecker
- https://github.com/d4n-sec/d4n-sec.github.io
- https://github.com/dinosn/citrix_cve-2023-4966
- https://github.com/ditekshen/ansible-cve-2023-4966
- https://github.com/frankenk/frankenk
- https://github.com/izj007/wechat
- https://github.com/jmussmann/cve-2023-4966-iocs
- https://github.com/mlynchcogent/CVE-2023-4966-POC
- https://github.com/morganwdavis/overread
- https://github.com/nanoRoot1/Herramientas-de-Seguridad-Digital
- https://github.com/nitish778191/fitness_app
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/s-bt/CVE-2023-4966
- https://github.com/sanjai-AK47/CVE-2023-4966
- https://github.com/senpaisamp/Netscaler-CVE-2023-4966-POC
- https://github.com/tanjiti/sec_profile
- https://github.com/venkycs/cy8
- https://github.com/whitfieldsdad/cisa_kev
- https://github.com/whoami13apt/files2
-												Update Sat May 25 21:48:12 CEST 2024

											
										
										
											2024-05-25 21:48:12 +02:00
+								### [CVE-2023-4966](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4966)
 								![](https://img.shields.io/static/v1?label=Product&message=NetScaler%20ADC%E2%80%AF&color=blue)
 								![](https://img.shields.io/static/v1?label=Product&message=NetScaler%20Gateway&color=blue)
 								![](https://img.shields.io/static/v1?label=Version&message=14.1%3C%208.50%20&color=brighgreen)
 								![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-119%20Improper%20Restriction%20of%20Operations%20within%20the%20Bounds%20of%20a%20Memory%20Buffer&color=brighgreen)
 								### Description
 								Sensitive information disclosure in NetScaler ADC and NetScaler Gateway when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA  virtual server.
 								### POC
 								#### Reference
 								- http://packetstormsecurity.com/files/175323/Citrix-Bleed-Session-Token-Leakage-Proof-Of-Concept.html
 								#### Github
 								- https://github.com/0xKayala/CVE-2023-4966
 								- https://github.com/B0lg0r0v/citrix-adc-forensics
 								- https://github.com/B0lg0r0v/citrix-netscaler-forensics
 								- https://github.com/CerTusHack/Citrix-bleed-Xploit
 								- https://github.com/Chocapikk/CVE-2023-4966
 								- https://github.com/EvilGreys/Citrix-BLEED
 								- https://github.com/IceBreakerCode/CVE-2023-4966
 								- https://github.com/Ostorlab/KEV
 								- https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors
-												Update CVE sources 2024-05-28 08:49

											
										
										
											2024-05-28 08:49:17 +00:00
+								- https://github.com/RevoltSecurities/CVE-2023-4966
-												Update Sat May 25 21:48:12 CEST 2024

											
										
										
											2024-05-25 21:48:12 +02:00
+								- https://github.com/Threekiii/Awesome-POC
 								- https://github.com/Threekiii/CVE
-												Update CVE sources 2024-06-22 09:37

											
										
										
											2024-06-22 09:37:59 +00:00
+								- https://github.com/aleff-github/aleff-github
-												Update Sat May 25 21:48:12 CEST 2024

											
										
										
											2024-05-25 21:48:12 +02:00
+								- https://github.com/aleff-github/my-flipper-shits
 								- https://github.com/byte4RR4Y/CVE-2023-4966
 								- https://github.com/certat/citrix-logchecker
 								- https://github.com/d4n-sec/d4n-sec.github.io
 								- https://github.com/dinosn/citrix_cve-2023-4966
 								- https://github.com/ditekshen/ansible-cve-2023-4966
 								- https://github.com/frankenk/frankenk
 								- https://github.com/izj007/wechat
 								- https://github.com/jmussmann/cve-2023-4966-iocs
 								- https://github.com/mlynchcogent/CVE-2023-4966-POC
 								- https://github.com/morganwdavis/overread
 								- https://github.com/nanoRoot1/Herramientas-de-Seguridad-Digital
-												Update CVE sources 2024-08-05 18:41

											
										
										
											2024-08-05 18:41:32 +00:00
+								- https://github.com/nitish778191/fitness_app
-												Update Sat May 25 21:48:12 CEST 2024

											
										
										
											2024-05-25 21:48:12 +02:00
+								- https://github.com/nomi-sec/PoC-in-GitHub
 								- https://github.com/s-bt/CVE-2023-4966
 								- https://github.com/sanjai-AK47/CVE-2023-4966
-												Update CVE sources 2024-05-28 08:49

											
										
										
											2024-05-28 08:49:17 +00:00
+								- https://github.com/senpaisamp/Netscaler-CVE-2023-4966-POC
-												Update Sat May 25 21:48:12 CEST 2024

											
										
										
											2024-05-25 21:48:12 +02:00
+								- https://github.com/tanjiti/sec_profile
 								- https://github.com/venkycs/cy8
 								- https://github.com/whitfieldsdad/cisa_kev
-												Update CVE sources 2024-05-28 08:49

											
										
										
											2024-05-28 08:49:17 +00:00
+								- https://github.com/whoami13apt/files2
-												Update Sat May 25 21:48:12 CEST 2024

											
										
										
											2024-05-25 21:48:12 +02:00