{"vulnerability": "cve-2023-24489", "sightings": [{"uuid": "fe30730e-f67a-446b-bcd4-87f573da9b8e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-24489", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2023-08-16T18:10:02.000000Z"}, {"uuid": "684a3584-dae8-4df5-b460-7b979c83e058", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-24489", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971868", "content": "", "creation_timestamp": "2024-12-24T20:35:01.612271Z"}, {"uuid": "e1ae758b-7188-415f-8fa6-9ab322084e65", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-24489", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:45.000000Z"}, {"uuid": "312d0309-995a-4196-aecd-ce5130c68c66", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-24489", "type": "seen", "source": "MISP/d17bd6ef-d68b-317b-ac33-cdbc44c5fc57", "content": "", "creation_timestamp": "2025-08-31T03:13:01.000000Z"}, {"uuid": "b587eac2-1823-4e04-84ac-2b0fe0457dcb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2023-24489", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/d8e54719-9148-4307-85c1-d6a9c928e79c", "content": "", "creation_timestamp": "2026-02-02T12:26:53.729788Z"}, {"uuid": "00834cd5-8d12-4a72-883b-b4765f9d35d9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-24489", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4804", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aCVE-2023-24489 PoC & Exploiter\nURL\uff1ahttps://github.com/codeb0ss/CVE-2023-24489-PoC\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-07-26T03:28:07.000000Z"}, {"uuid": "c7d59aa7-39c7-4a87-8818-0d96b6a07f1e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-24489", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5003", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aPOC for CVE-2023-24489 with bash. \nURL\uff1ahttps://github.com/whalebone7/CVE-2023-24489-poc\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-08-27T11:57:38.000000Z"}, {"uuid": "6ed5f06a-95d8-4f63-bc4a-bb6cc2ee7173", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-24489", "type": "seen", "source": "https://t.me/YAH_Channel/683", "content": "#infodigest\n\n\u0421\u043e\u0431\u0440\u0430\u043b\u0438 \u0434\u043b\u044f \u0432\u0430\u0441 \u0441\u0430\u043c\u044b\u0435 \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u044b\u0435 \u043d\u043e\u0432\u043e\u0441\u0442\u0438 \u0438\u0437 \u0440\u0430\u0437\u043d\u044b\u0445 \u043a\u0430\u0442\u0435\u0433\u043e\u0440\u0438\u0439.\n\n\ud83e\udeb2 Bugs & Exploits\n1. WordPress \u00abWooCommerce Payments\u00bb plugin CVE-2023-28121\n2. Why ORMs and Prepared Statements Can't (Always) Win\n3. Exploiting XSS in hidden inputs and meta tags\n4. Encrypted Doesn't Mean Authenticated: ShareFile RCE (CVE-2023-24489)\n5. Exploiting Incorrectly Configured Load Balancer with XSS to Steal Cookies\n6. Chaining our way to Pre-Auth RCE in Metabase (CVE-2023-38646)\n7. Reversing Citrix Gateway for XSS\n8. Analysis of CVE-2023-3519 in Citrix ADC and NetScaler Gateway (Part 1)\n9. Analysis of CVE-2023-3519 in Citrix ADC and NetScaler Gateway (Part 2)\n10. HTML Over the Wire\n\n\ud83d\udee0 Tools\n11. CVSS Advisor (Escalation Techniques)\n12. shortscan\n\n\ud83d\udcd1 Burp extensions & tricks\n13. Improve your API Security Testing with Burp BCheck Scripts\n14. The top 10 community-created BChecks\n\n\ud83d\udcb0 Bug Bounty reports\n15. Bug Writeup: Stored XSS to Account Takeover (ATO) via GraphQL API\n16. Breaking TikTok: Our Journey to Finding an Account Takeover Vulnerability", "creation_timestamp": "2023-08-01T05:27:29.000000Z"}, {"uuid": "d106ab68-e2e2-4c83-b393-23fb93b1767f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-24489", "type": "exploited", "source": "https://t.me/BleepingComputer/17825", "content": "\u200aCISA warns of critical Citrix ShareFile flaw exploited in the wild\n\nCISA is warning that a critical Citrix ShareFile secure file transfer vulnerability tracked as CVE-2023-24489 is being targeted by unknown actors\u00a0and has added the flaw to its catalog of known security flaws exploited in the wild. [...]\n\nhttps://www.bleepingcomputer.com/news/security/cisa-warns-of-critical-citrix-sharefile-flaw-exploited-in-the-wild/", "creation_timestamp": "2023-08-17T01:05:45.000000Z"}, {"uuid": "cc4e82c8-62b8-4a90-8de0-4e69f38429f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-24489", "type": "exploited", "source": "https://t.me/BleepingComputer/17823", "content": "Latest news and stories from BleepingComputer.com\nCISA warns of critical Citrix ShareFile flaw exploited in the wild\n\nCISA is warning that a critical Citrix ShareFile secure file transfer vulnerability tracked as CVE-2023-24489 is being targeted by unknown actors\u00a0and has added the flaw to its catalog of known security flaws exploited in the wild. [...]", "creation_timestamp": "2023-08-16T22:07:36.000000Z"}, {"uuid": "584fc28a-6d8a-4350-a78f-53a7d079f6a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-24489", "type": "published-proof-of-concept", "source": "https://t.me/ptswarm/180", "content": "Encrypted Doesn't Mean Authenticated: ShareFile RCE (CVE-2023-24489)\n\n\ud83d\udc64 by Dylan Pindur\n\nShareFile is cloud-based file sharing and collaboration application. The software providing this feature is a .NET web application running under IIS called \"Storage Zones Controller\" (also sometimes called Storage Center) and this is what Assetnote team decided to target.\nThrough their research they were able to achieve unauthenticated arbitrary file upload and full remote code execution by exploiting a seemingly innocuous cryptographic bug. Citrix has released a security update and assigned this issue CVE-2023-24489.\n\n\ud83d\udcdd Contents:\n\u25cf Introduction\n\u25cf Where to Start?\n\u25cf Authenticated, but Not Really\n\u25cf A Simple Path Traversal\n\u25cf Encryption != Authentication\n\u25cf Block Ciphers and Padding\n\u25cf Cipher Block Chaining\n\u25cf Enough Cryptography, Show Me the Exploit\n\u25cf What Have We Learned?\n\u25cf Conclusions\n\nhttps://blog.assetnote.io/2023/07/04/citrix-sharefile-rce/", "creation_timestamp": "2023-07-11T04:59:28.000000Z"}, {"uuid": "74b68ba3-3f65-4305-8b41-e2c73860ac44", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-24489", "type": "published-proof-of-concept", "source": "https://t.me/poxek/3043", "content": "#infodigest\n\n\u0421\u043e\u0431\u0440\u0430\u043b\u0438 \u0434\u043b\u044f \u0432\u0430\u0441 \u0441\u0430\u043c\u044b\u0435 \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u044b\u0435 \u043d\u043e\u0432\u043e\u0441\u0442\u0438 \u0438\u0437 \u0440\u0430\u0437\u043d\u044b\u0445 \u043a\u0430\u0442\u0435\u0433\u043e\u0440\u0438\u0439.\n\n\ud83e\udeb2 Bugs & Exploits\n1. WordPress \u00abWooCommerce Payments\u00bb plugin CVE-2023-28121\n2. Why ORMs and Prepared Statements Can't (Always) Win\n3. Exploiting XSS in hidden inputs and meta tags\n4. Encrypted Doesn't Mean Authenticated: ShareFile RCE (CVE-2023-24489)\n5. Exploiting Incorrectly Configured Load Balancer with XSS to Steal Cookies\n6. Chaining our way to Pre-Auth RCE in Metabase (CVE-2023-38646)\n7. Reversing Citrix Gateway for XSS\n8. Analysis of CVE-2023-3519 in Citrix ADC and NetScaler Gateway (Part 1)\n9. Analysis of CVE-2023-3519 in Citrix ADC and NetScaler Gateway (Part 2)\n10. HTML Over the Wire\n\n\ud83d\udee0 Tools\n11. CVSS Advisor (Escalation Techniques)\n12. shortscan\n\n\ud83d\udcd1 Burp extensions & tricks\n13. Improve your API Security Testing with Burp BCheck Scripts\n14. The top 10 community-created BChecks\n\n\ud83d\udcb0 Bug Bounty reports\n15. Bug Writeup: Stored XSS to Account Takeover (ATO) via GraphQL API\n16. Breaking TikTok: Our Journey to Finding an Account Takeover Vulnerability", "creation_timestamp": "2023-08-02T15:22:57.000000Z"}, {"uuid": "5d672718-f886-43fc-a591-061fdb92daa6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-24489", "type": "seen", "source": "https://t.me/ctinow/127202", "content": "https://ift.tt/JGb3X7C\nExperts warn attackers started exploiting Citrix ShareFile RCE flaw CVE-2023-24489", "creation_timestamp": "2023-07-31T10:18:01.000000Z"}, {"uuid": "56002f2a-d501-4f0a-80c1-379322bf4ad8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-24489", "type": "exploited", "source": "https://t.me/ctinow/131149", "content": "https://ift.tt/Vh2JgbS\nCitrix ShareFile vulnerability actively exploited (CVE-2023-24489)", "creation_timestamp": "2023-08-17T13:52:00.000000Z"}, {"uuid": "a9d27785-cc76-4a60-bfd1-4266e4f2553b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-24489", "type": "seen", "source": "https://t.me/arpsyndicate/964", "content": "#ExploitObserverAlert\n\nCVE-2023-24489\n\nDESCRIPTION: Exploit Observer has 12 entries related to CVE-2023-24489. A vulnerability has been discovered in the customer-managed ShareFile storage zones controller which, if exploited, could allow an unauthenticated attacker to remotely compromise the customer-managed ShareFile storage zones controller.\n\nFIRST-EPSS: 0.969450000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2023-12-03T15:19:08.000000Z"}, {"uuid": "82ec2601-cc59-4ef0-b52b-5a0cd99e6ef8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-24489", "type": "exploited", "source": "Telegram/R5cdbEp-3EXwChueiJ8dOMcJ7sUs6Xxmfje-7Je5P_jeQQ", "content": "", "creation_timestamp": "2023-08-17T07:12:49.000000Z"}, {"uuid": "4e8ea4e5-dc10-43ad-8ec2-31b6cda832c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-24489", "type": "exploited", "source": "https://t.me/KomunitiSiber/665", "content": "CISA Adds Citrix ShareFile Flaw to KEV Catalog Due to In-the-Wild Attacks\nhttps://thehackernews.com/2023/08/cisa-adds-citrix-sharefile-flaw-to-kev.html\n\nThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical security flaw in Citrix ShareFile storage zones controller to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active in-the-wild exploitation.\nTracked as\u00a0CVE-2023-24489\u00a0(CVSS score: 9.8), the shortcoming has been described as an improper access control bug that, if successfully exploited", "creation_timestamp": "2023-08-17T07:47:21.000000Z"}, {"uuid": "c3105477-0d19-47e0-ad89-e62545eb05d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-24489", "type": "published-proof-of-concept", "source": "https://t.me/v3n0mhack/267", "content": "CVE-2023-24489 - Authenticated: ShareFile RCE\nLink : https://github.com/codeb0ss/CVE-2023-24489-PoC", "creation_timestamp": "2023-08-03T00:43:50.000000Z"}, {"uuid": "d6fc3836-1f54-49b2-ac98-2043935f15e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-24489", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/1618", "content": "CVE-2023-24489\nCitrix ShareFile RCE\ud83d\udd25\nPOC exploit + \u0440\u0430\u0437\u0431\u043e\u0440\n\n#citrix", "creation_timestamp": "2023-07-11T13:03:14.000000Z"}, {"uuid": "009cba38-5a96-4359-8b63-c4fe3450df0b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-24489", "type": "published-proof-of-concept", "source": "https://t.me/codeb0ss/955", "content": "CVE-2023-24498 - Remote Code Execution [RCE]\n\nhttps://github.com/codeb0ss/CVE-2023-24489-PoC", "creation_timestamp": "2023-07-26T06:00:48.000000Z"}, {"uuid": "ef295581-f09e-4466-8cd7-31d4caf3e3e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-24489", "type": "published-proof-of-concept", "source": "https://t.me/codeb0ss/956", "content": "", "creation_timestamp": "2023-07-26T06:00:30.000000Z"}, {"uuid": "1a687f36-d4d3-4031-aed1-fdd388e81cef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-24489", "type": "published-proof-of-concept", "source": "https://t.me/MrVGunz/836", "content": "CVE-2023-24489 : Citrix ShareFile Storage Zones Controller <=\u00a0 5.11.24 (Citrix Content Collaboration) - Remote Code Execution\nPOC : https://github.com/adhikara13/CVE-2023-24489-ShareFile\nBlog : https://blog.assetnote.io/2023/07/04/citrix-sharefile-rce/", "creation_timestamp": "2023-08-18T18:30:30.000000Z"}, {"uuid": "4447ad00-763a-458a-8f13-05a0306a4516", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-24489", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/3972", "content": "\ud83d\udcccXplain AG | Xplain.ch Data Leak : https://system32.ink/xplain-ag-xplain.ch-data-leak/\n\n\ud83d\udcdfCVE-2023-24489 Exploiter [ShareFile RCE]  : https://system32.ink/cve-2023-24489-exploiter-sharefile-rce/\n\n\ud83e\ude85RealChar. \u2013 Your Realtime AI Character : https://system32.ink/realchar.-your-realtime-ai-character/\n\n@Crackcodes | System32.ink | Crackcodes.in", "creation_timestamp": "2023-07-31T13:28:44.000000Z"}, {"uuid": "842c66ca-5152-4697-b26e-8b6662d48832", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-24489", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/3863", "content": "CVE-2023-24489\nCitrix ShareFile RCE\ud83d\udd25\nPOC exploit + parsing\n\n#citrix", "creation_timestamp": "2023-07-11T13:17:20.000000Z"}, {"uuid": "0be44a4c-83cd-4b81-b5ec-ec3c584c155a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-24489", "type": "seen", "source": "https://t.me/cibsecurity/66316", "content": "\u203c CVE-2023-24489 \u203c\n\nA vulnerability has been discovered in the customer-managed ShareFile storage zones controller which, if exploited, could allow an unauthenticated attacker to remotely compromise the customer-managed ShareFile storage zones controller.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-11T02:24:02.000000Z"}, {"uuid": "adac5677-3033-4953-81ab-5cb488383836", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-24489", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/788", "content": "https://github.com/codeb0ss/CVE-2023-24489-PoC\n#github", "creation_timestamp": "2023-07-30T08:40:37.000000Z"}, {"uuid": "b6684948-326c-48ab-87e1-7c56cc9bdeb6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-24489", "type": "exploited", "source": "https://t.me/information_security_channel/50467", "content": "Exploitation of Citrix ShareFile Vulnerability Spikes as CISA Issues Warning\u00a0\nhttps://www.securityweek.com/exploitation-of-citrix-sharefile-vulnerability-spikes-as-cisa-issues-warning/\n\nExploitation of a Citrix ShareFile vulnerability tracked as CVE-2023-24489 has spiked as CISA added it to its \u2018must patch\u2019 catalog.\nThe post Exploitation of Citrix ShareFile Vulnerability Spikes as CISA Issues Warning\u00a0 (https://www.securityweek.com/exploitation-of-citrix-sharefile-vulnerability-spikes-as-cisa-issues-warning/) appeared first on SecurityWeek (https://www.securityweek.com/).", "creation_timestamp": "2023-08-17T11:55:59.000000Z"}, {"uuid": "0f0bce45-fabf-4da8-9e17-bf1b9ea2c2bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-24489", "type": "exploited", "source": "https://t.me/information_security_channel/50356", "content": "Exploitation of Recent Citrix ShareFile RCE Vulnerability Begins\nhttps://www.securityweek.com/exploitation-of-recent-citrix-sharefile-rce-vulnerability-begins/\n\nThe first attempts to exploit CVE-2023-24489, a recent critical Citrix ShareFile remote code execution vulnerability, have been observed.\nThe post Exploitation of Recent Citrix ShareFile RCE Vulnerability Begins (https://www.securityweek.com/exploitation-of-recent-citrix-sharefile-rce-vulnerability-begins/) appeared first on SecurityWeek (https://www.securityweek.com/).", "creation_timestamp": "2023-07-28T16:51:40.000000Z"}, {"uuid": "392c69a1-97bd-41d7-bc9f-99491da51060", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-24489", "type": "exploited", "source": "https://t.me/thehackernews/3755", "content": "\ud83d\udd75\ufe0f\u200d\u2642\ufe0f Citrix ShareFile under attack! Learn about ongoing exploitation of CVE-2023-24489 and how to defend your systems. \n \nRead now: https://thehackernews.com/2023/08/cisa-adds-citrix-sharefile-flaw-to-kev.html", "creation_timestamp": "2023-08-17T14:18:36.000000Z"}, {"uuid": "602e3648-5991-442f-8859-9f7ff2c131bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-24489", "type": "published-proof-of-concept", "source": "https://t.me/thebugbountyhunter/7507", "content": "Advisory: ShareFile Pre-Auth RCE (CVE-2023-24489)\n\nhttps://blog.assetnote.io/2023/07/04/citrix-sharefile-rce-advisory/", "creation_timestamp": "2023-07-11T12:27:02.000000Z"}, {"uuid": "69447044-7220-4e4a-9a7a-e43cc78368e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-24489", "type": "published-proof-of-concept", "source": "https://t.me/thebugbountyhunter/7515", "content": "Encrypted Doesn't Mean Authenticated: ShareFile RCE (CVE-2023-24489)\n\nhttps://blog.assetnote.io/2023/07/04/citrix-sharefile-rce/", "creation_timestamp": "2023-07-12T12:27:02.000000Z"}, {"uuid": "8417e9e2-3706-4a7a-8216-c9f8b08b1cf4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-24489", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/8751", "content": "#exploit\n1. CVE-2022-44666:\nA sample of PoC scripts that run Calc.exe with full source code\nhttps://github.com/arntsonl/calc_security_poc\n]-> https://github.com/j00sean/CVE-2022-44666/tree/main/bypass/jar-poc\n\n2. CVE-2023-24489:\nA Critical Citrix ShareFile RCE Vulnerability\nhttps://blog.assetnote.io/2023/07/04/citrix-sharefile-rce", "creation_timestamp": "2023-07-28T22:07:01.000000Z"}]}