Exploitation Summary
EIP tracks 3 public exploits for CVE-2010-4566.
PoCs published by Metasploit, George D. Gal, Erwin Paternotte, including Metasploit module exploits/unix/webapp/citrix_access_gateway_exec.
AI-analyzed exploit summary: This exploit leverages a command injection vulnerability in Citrix Access Gateway's NTLM authentication module by embedding shell metacharacters in the login form, allowing arbitrary command execution. The PoC uses a POST request to trigger the vulnerability and includes a check method to verify exploitability.
Description
The web authentication form in the NT4 authentication component in Citrix Access Gateway Enterprise Edition 9.2-49.8 and earlier, and the NTLM authentication component in Access Gateway Standard and Advanced Editions before Access Gateway 5.0, allows attackers to execute arbitrary commands via shell metacharacters in the password field.
Exploits (3)
This exploit leverages a command injection vulnerability in Citrix Access Gateway's NTLM authentication module by embedding shell metacharacters in the login form, allowing arbitrary command execution. The PoC uses a POST request to trigger the vulnerability and includes a check method to verify exploitability.
This advisory details a command injection vulnerability in Citrix Access Gateway's legacy NT4 authentication module, where shell metacharacters in the password field can lead to arbitrary command execution. The vulnerability arises from improper handling of user credentials passed to the Samba 'samedit' utility.
This Metasploit module exploits a command injection vulnerability in Citrix Access Gateway's NTLM authentication by injecting shell metacharacters into the login form, allowing arbitrary command execution. The exploit leverages the Samba 'samedit' utility to achieve RCE.