watchtowrlabs/watchTowr-vs-Netscaler-CVE-2026-8451

GitHub: watchtowrlabs/watchTowr-vs-Netscaler-CVE-2026-8451

针对 Citrix NetScaler CVE-2026-8451 内存越界读取漏洞的检测工件生成工具,用于验证目标设备是否存在该漏洞并泄漏内存数据。

Stars: 11 | Forks: 1

# CVE-2026-8451 Citrix Netscaler 内存越界读取 Citrix Netscaler 越界读取检测工件生成工具! # 检测实战 此检测工件生成器将接受一个目标 Netscaler 设备,并尝试通过 CVE-2026-8451 泄漏内存。 它只需要目标系统。请包含协议,例如 `https://192.168.80.125`。 以下是它泄漏部分内存的示例: ``` $ python3 watchTowr-vs-Netscaler-CVE-2026-8451.py https://192.168.80.125 __ ___ ___________ __ _ ______ _/ |__ ____ | |_\__ ____\____ _ ________ \ \/ \/ \__ \ ___/ ___\| | \| | / _ \ \/ \/ \_ __ \ \ / / __ \| | \ \___| Y | |( <_> \ / | | \/ \/\_/ (____ |__| \___ |___|__|__ | \__ / \/\_/ |__| \/ \/ \/ watchTowr-vs-Netscaler-CVE-2026-8451.py (*) CVE-2026-8451 Citrix Netscaler memory overread Detection Artifact Generator - Aliz (@alizTheHax0r) of watchTowr (@watchTowrcyber) Leaked bytes: 00000000 f0 0d 90 74 3d ef be ad de 41 41 41 41 41 41 41 |...t=....AAAAAAA| 00000010 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 |AAAAAAAAAAAAAAAA| 00000020 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 |AAAAAAAAAAAAAAAA| ... ``` # 受影响版本 根据[供应商公告](https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX696604): ``` The following supported versions of NetScaler ADC and NetScaler Gateway are affected by the vulnerabilities: NetScaler ADC and NetScaler Gateway 14.1 BEFORE 14.1-72.61 NetScaler ADC and NetScaler Gateway 13.1 BEFORE 13.1-63.18 NetScaler ADC FIPS BEFORE 14.1-72.61 FIPS NetScaler ADC FIPS and NDcPP BEFORE 13.1-37.272 ``` # 关注 [watchTowr](https://watchTowr.com) Labs 如需获取最新的安全研究,请关注 [watchTowr](https://watchTowr.com) Labs 团队 - https://labs.watchtowr.com/ - https://x.com/watchtowrcyber
标签:CISA项目, Citrix NetScaler, Maven, Python, 内存读取, 无后门, 漏洞验证, 逆向工具