EIP-2026-101593

PRE-CVE

Citrix ADC NetScaler - Local File Inclusion (Metasploit)

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-101593. PoCs published by RAMELLA Sebastien.

AI-analyzed exploit summary This Metasploit module exploits an authorization bypass (CVE-2020-8193) and local file inclusion vulnerabilities in Citrix ADC and NetScaler Gateway devices. It establishes a session, retrieves a random key, and reads arbitrary files via crafted HTTP requests.

Description

Citrix ADC NetScaler - Local File Inclusion (Metasploit)

Exploits (1)

exploitdb WORKING POC

by RAMELLA Sebastien · rubywebappshardware

https://www.exploit-db.com/exploits/49038

View Code ZIP pw:eip

This Metasploit module exploits an authorization bypass (CVE-2020-8193) and local file inclusion vulnerabilities in Citrix ADC and NetScaler Gateway devices. It establishes a session, retrieves a random key, and reads arbitrary files via crafted HTTP requests.

Classification

Working Poc 95%

Attack Type

Auth Bypass | Info Leak

Complexity

Moderate

Reliability

Reliable

Target: Citrix ADC, Citrix NetScaler Gateway

No auth needed

Prerequisites: Access to NSIP/management interface

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1083 - File and Directory Discovery

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026