Detecting Adobe ColdFusion CVE-2023–26360, Atlassian Confluence CVE-2023–22515, and Citrix Netscaler CVE-2023–4966 with OWASP Nettacker(v0.3.2)
On October 31st, 2023, the OWASP Nettacker project team released version 0.3.2 with new modules to scan networks for critical vulnerabilities. The new modules include Adobe ColdFusion CVE-2023–26360, Atlassian Confluence CVE-2023–22515, and Citrix Netscaler CVE-2023–4966.
OWASP Nettackerr is an open-source software written in Python language that helps you perform tasks such as automated penetration testing and automated information gathering. It can run various scans using a variety of methods and generate scan reports (in HTML/TXT/JSON/CSV format) for applications and networks, including discovering open ports, services, bugs, vulnerabilities, misconfigurations, default credentials, subdomains, etc
OWASP Nettacker can be run as a command-line utility (including running as a Docker container), API, Web GUI mode, or as Maltego transforms . It is written in 100% Python and does not rely on launching any external tools .
The new Nettacker modules added in version 0.3.2 are designed to scan networks for the following critical vulnerabilities:
Atlassian Confluence CVE-2023–22515 is a privilege escalation vulnerability in Confluence Data Center and Server products.
Citrix Netscaler CVE-2023–4966 (aka “CitrixBleed”) is a critical buffer overflow vulnerability that allows for sensitive information disclosure (e.g. session cookies) when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server.
OWASP Nettacker can also help you find instances of critically vulnerable MOVEit Transfer and Citrix CVE-2023–24488 in your network .
MOVEit Transfer, a widely-used file transfer software, has been affected by multiple critical vulnerabilities in 2023123. These vulnerabilities have led to significant security breaches, affecting numerous organisations and individuals.
MOVEit TRansfer vulnerabilities were exploited by multiple threat actors to gain unauthorized access to MOVEit servers, upload web shells, exfiltrate data, and initiate intrusion lifecycles8. High-profile government, finance, media, aviation, and healthcare organisations were reportedly affected
The fallout from these vulnerabilities has been significant, with the costs tied to the MOVEit file transfer hack continuing to climb. The situation has led to multiple lawsuits against Progress Software, the owner of MOVEit, claiming that poor security led to the vulnerabilities.
It’s important to note that the full scale of the MOVEit attack is still unknown, and more victims may come forward in the future. This series of incidents underscores the importance of robust cybersecurity measures and timely patching of software vulnerabilities.
Example — scanning for MOVEit Transfer vulnerable versions with Nettacker:
python3 nettacker.py -l target_list.txt -m moveit_version_scan
Top comments (0)