NOMISEC-LucasOneZ/CVE-2023-4966

NOMISEC WORKING POC

Exploit for CVE-2023-4966 - Citrix Netscaler Application Delivery Controller - Memory Corruption

AI Analysis

This repository contains a functional exploit for CVE-2023-4966, targeting Citrix ADC/Gateway. The exploit includes methods to check for vulnerability, curl a URL with formatted XML response, and dump memory by manipulating the Host header to trigger a buffer overflow.

Attack Type

info_leak

Complexity

moderate

Reliability

reliable

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1005 - Data from Local System

Loading exploit code...

Download ZIP Password: eip

Source

Platform Nomisec

Type infoleak

Files 2

https://github.com/LucasOneZ/CVE-2023-4966

Stars 0

Forks 0

Last Push Sep 14, 2024

Authors

LucasOneZ

Vulnerability

CVE-2023-4966

Citrix Netscaler Application Delivery Controller - Memory Corruption

CRITICAL KEV

CVSS 9.4