CVE-2023-3519 PoC — Citrix ADC 和 Citrix Gateway 代码注入漏洞

Source

https://github.com/SalehLardhi/CVE-2023-3519

Associated Vulnerability

Title:Citrix ADC 和 Citrix Gateway 代码注入漏洞 (CVE-2023-3519)
Description:Unauthenticated remote code execution

Description

CVE-2023-3519 vuln for nuclei scanner

Readme

# CVE-2023-3519
This Nuclei template checks for the presence of the CVE-2023-3519 vulnerability in a target web server.

## Vulnerability

CVE-2023-3519 is a vulnerability that allows unauthenticated remote code execution in the Citrix Application Delivery Controller (ADC) and Gateway appliances. An attacker can exploit this vulnerability by sending a specially crafted request to the affected system.

This template checks for the presence of the vulnerability by comparing the "Last-Modified" header in the server response to known patched versions.

## Usage

To scan a single target with Nuclei, use the following command:

```
nuclei -target <target> -t cve-2023-3519.yaml
```

To scan multiple targets, use a file containing a list of targets:

```
nuclei -l <target_file> -t cve-2023-3519.yaml
```
## Analysis

https://blog.assetnote.io/2023/07/21/citrix-CVE-2023-3519-analysis/

## References

- [NVD CVE-2023-3519 ↗](https://nvd.nist.gov/vuln/detail/CVE-2023-3519)
- [Deutsche Telekom CERT on Twitter ↗](https://twitter.com/DTCERT/status/1682032701430452233)

File Snapshot


 [4.0K]  /data/pocs/8fe9bb36e8531ba6eb88f92f2a6c52d263e0d450
├── [1.4K]  CVE-2023-3519.yaml
└── [1.0K]  README.md

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.

View subscription plans →

Goal Reached Thanks to every supporter — we hit 100%!