Back to directory

WRITEUP #990

Encrypted Doesn't Mean Authenticated: ShareFile RCE (CVE-2023-24489)

RCEPath traversalCryptographic issuesSecurity code review

byDylan Pindur

Program

Citrix (ShareFile)

Published

Jul 4, 2023

Added to HackDex

Jul 11, 2023

Read Full Writeuphttps://blog.assetnote.io/2023/07/04/citrix-sharefile-rce/

▸ RELATED WRITEUPS

Traccar 5 Remote Code Execution Vulnerabilities

RCEUnrestricted file upload

Path Traversal and Code Execution in CSLA.NET (CVE-2024-28698)

RCEPath traversal

WhatsUp Gold Pre-Auth RCE WriteDataFile Primitive (CVE-2024-4883)

RCEPath traversal

WhatsUp Gold Pre-Auth RCE GetFileWithoutZip Primitive (CVE-2024-4885)

RCEPath traversal

Getting code execution on Veeam through CVE-2023-27532

RCEInsecure deserialization

Built with ❤️ by Shubham Rawat