header-logo
Suggest Exploit
vendor:
Nfuse
by:
SecurityFocus
5
CVSS
MEDIUM
Nfuse Webroot Disclosure
200
CWE
Product Name: Nfuse
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: N/A
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2001

Citrix Nfuse Webroot Disclosure

Citrix Nfuse is an application portal server meant to provide the functionality of any application on the server via a web browser. It has been reported that a remote attacker can learn the location of the webroot simply by submitting a request to the launcher application without specifying the additional required information.

Mitigation:

N/A
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/2956/info

Citrix Nfuse is an application portal server meant to provide the functionality of any application on the server via a web browser. Nfuse works in conjunction with a previously-installed webserver.

It has been reported that a remote attacker can learn the location of the webroot simply by submitting a request to the launcher application without specifying the additional required information. This has been reported to not be reliably replicable. 

http://target/path/launch.asp?

Navigation

Suggest Exploit

Services By CQR