Skip to content

telekom-security/cve-2023-3519-citrix-scanner

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

20 Commits
 
 
 
 
 
 
 
 
 
 

Repository files navigation

cve-2023-3519-citrix-scanner

This script is a basic Citrix Scanner for CVE-2023-3519. We try to identify vulnerable Citrix Gateways/ADCs by looking at the HTTP headers.

How it works

During our analysis of this vulnerability, we and our friends at CERT-Verbund noticed, that our patched systems had the same HTTP header Last-Modified timestamp.

Note that reverse proxies and heavily customised front pages may alter the results. In this case, we check, if the timestamp is volatile. It it isn't and the timestamp is newer than 18. July 2023, the server has probably been patched. This script should not be your only method of checking that you are not vulnerable.

Our current known timestamps are:

Patch Last-Modified Timestamp
13.1-49.13 Mon, 10 Jul 2023 17:41:17 GMT
13.1-49.13 Mon, 10 Jul 2023 18:36:14 GMT
13.0-91.13 Fri, 07 Jul 2023 15:39:40 GMT

Usage

Clone the repository:

git clone https://github.com/telekom-security/cve-2023-3519-citrix-scanner

cd cve-2023-3519-citrix-scanner

Create a file called targets.txt, containing your targets line by line. An example can be found in targets.txt.example.

Run the script.

Further reading

Florian Roth has published a list of further resources for this vulnerability: https://twitter.com/cyb3rops/status/1682297555424628736