Citrix NetScaler ADC/Gateway Pre-Auth SAML Memory Overread — "CitrixBleed"-style Leak (CVE-2026-8451)
by Aliz (@alizTheHax0r) of watchTowr Labs · 2026-07-03
- Severity: High
- CVE: CVE-2026-8451
- Category: network
- Affected product: Citrix NetScaler ADC and NetScaler Gateway
- Affected versions: 14.1 before 14.1-72.61; 13.1 before 13.1-63.18; NetScaler ADC FIPS before 14.1-72.61 FIPS; NetScaler ADC FIPS and NDcPP before 13.1-37.272
- Disclosed: 2026-07-03
- Patch status: unpatched
Tags
References
- https://labs.watchtowr.com/citrixbleed-to-infinity-and-beyond-citrix-netscaler-pre-auth-memory-overread-cve-2026-8451/
- https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX696604
- https://cyberscoop.com/citrix-netscaler-flaw-cve-2026-8451-citrixbleed/
- https://github.com/watchtowrlabs/watchTowr-vs-Netscaler-CVE-2026-8451
Archive entry: intelseclab/poc-archive
Metadata
| Field | Value |
|---|---|
| Date Added | 2026-07-03 |
| Last Updated | 2026-06-30 |
| Author / Researcher | Aliz (@alizTheHax0r) of watchTowr Labs |
| CVE / Advisory | CVE-2026-8451 |
| Category | network |
| Severity | High |
| CVSS Score | 7.5–8.8 (source-dependent) |
| Status | Incomplete PoC (memory-leak/detection primitive only — no session-hijack automation) |
| Tags | memory-disclosure, SAML, Citrix, NetScaler, ADC, Gateway, citrixbleed, unauthenticated, active-exploitation |
| Related | N/A |
Affected Target
| Field | Value |
|---|---|
| Software / System | Citrix NetScaler ADC and NetScaler Gateway |
| Versions Affected | 14.1 before 14.1-72.61; 13.1 before 13.1-63.18; NetScaler ADC FIPS before 14.1-72.61 FIPS; NetScaler ADC FIPS and NDcPP before 13.1-37.272 |
| Language / Platform | Python (PoC) targeting NetScaler’s SAML authentication endpoint |
| Authentication Required | No |
| Network Access Required | Yes (HTTPS to NetScaler /saml/login endpoint) |
Summary
CVE-2026-8451 is a pre-authentication out-of-bounds memory read in Citrix NetScaler ADC/Gateway’s SAML request parser, in the same vulnerability class as the infamous 2023 “CitrixBleed” (CVE-2023-4966). By posting a specially-sized, malformed SAMLRequest to /saml/login, an unauthenticated attacker can cause the appliance to leak adjacent heap memory back inside the NSC_TASS response cookie. Citrix disclosed and patched this on 2026-06-30 (advisory CTX696604); exploitation in the wild was observed within roughly 24 hours of disclosure. This archived PoC — watchTowr Labs’ official “Detection Artifact Generator” — reliably demonstrates the memory-disclosure primitive (varying the padding size to walk across heap block sizes and printing leaked bytes as a hexdump) but is explicitly not a full exploit chain: it does not parse leaked session tokens/credentials or automate turning the leak into an authenticated session takeover.
Vulnerability Details
Root Cause
NetScaler’s SAML AuthnRequest parser performs an out-of-bounds heap read when handling a crafted, oversized/malformed request; the resulting adjacent-memory bytes are echoed back to the client embedded in the NSC_TASS cookie’s ACSURL= field.
Attack Vector
- Construct a base64-encoded, URL-percent-encoded `SAMLRequest` body with a variable amount of padding (`' ' * n`) to probe different heap allocation sizes.
- POST the crafted request to `{target}/saml/login`.
- Extract the `NSC_TASS` response cookie, base64-decode it, and locate the content following the `ACSURL=` marker — this is leaked adjacent heap memory.
- Repeat across a range of padding sizes to sample a variety of heap blocks, printing each as a hexdump.
Impact
Unauthenticated disclosure of adjacent process heap memory, which — depending on what happens to be resident at leak time — could expose session tokens, credentials, or other sensitive in-memory data usable for follow-on session hijacking (as with the original CitrixBleed). This PoC demonstrates the leak primitive only; it does not automate extraction of a usable session/credential from the leaked bytes.
Environment / Lab Setup
Target: Citrix NetScaler ADC/Gateway < 14.1-72.61 / < 13.1-63.18
Attacker: Python 3 + requests
Proof of Concept
PoC Script
See `watchTowr-vs-Netscaler-CVE-2026-8451.py` in this folder.
Posts a series of crafted SAML AuthnRequest payloads with varying padding to /saml/login, extracts the NSC_TASS cookie from each response, and hexdumps any leaked heap bytes found after the ACSURL= marker.
This PoC demonstrates memory disclosure only — it is not a working session-hijack or full authentication-bypass exploit.
Detection & Indicators of Compromise
Signs of compromise:
- Bursts of `/saml/login` requests with varying payload sizes from a single source in a short window
- Session hijacking or admin-console access inconsistent with normal authentication flow shortly after such probing
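The first indicator above, turned into a log check as an added example (not part of the archived PoC or the watchTowr research): it flags any source that posts to `/saml/login` repeatedly with many distinct request-body sizes inside a short sliding window. The flat log format, the sample lines and the thresholds are assumptions; adapt `parse_line()` to the access or WAF log you actually collect.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample, one request per line:
#   <iso-timestamp> <client-ip> <method> <path> <request-body-bytes> <status>
# This is an assumed flat format, not NetScaler's native syslog output.
SAMPLE_LOG = """\
2026-07-03T10:15:01Z 203.0.113.7 POST /saml/login 512 200
2026-07-03T10:15:02Z 203.0.113.7 POST /saml/login 1024 200
2026-07-03T10:15:02Z 203.0.113.7 POST /saml/login 2048 200
2026-07-03T10:15:03Z 203.0.113.7 POST /saml/login 4096 200
2026-07-03T10:15:04Z 203.0.113.7 POST /saml/login 8192 200
2026-07-03T10:15:06Z 203.0.113.7 POST /saml/login 16384 200
2026-07-03T10:20:10Z 198.51.100.9 POST /saml/login 1412 200
2026-07-03T10:20:11Z 198.51.100.9 GET /cgi/login 0 200
2026-07-03T11:05:44Z 198.51.100.9 POST /saml/login 1412 200
2026-07-03T11:05:50Z 192.0.2.25 POST /saml/login 1412 200
"""

def parse_line(line):
    """Return (timestamp, src_ip, path, body_bytes), or None for blank/odd lines."""
    parts = line.split()
    if len(parts) != 6:
        return None
    ts = datetime.strptime(parts[0], "%Y-%m-%dT%H:%M:%SZ")
    return ts, parts[1], parts[3], int(parts[4])

def find_probing_sources(log_text, window_s=60, min_requests=5, min_distinct_sizes=3):
    """Flag sources with >= min_requests POSTs to /saml/login carrying
    >= min_distinct_sizes different body sizes inside any window_s-second
    sliding window. Returns {src_ip: (requests_in_window, distinct_sizes)}."""
    events = defaultdict(list)
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec and rec[2] == "/saml/login":
            ts, src, _, size = rec
            events[src].append((ts, size))
    flagged = {}
    window = timedelta(seconds=window_s)
    for src, evs in events.items():
        evs.sort()
        for i, (start, _) in enumerate(evs):
            # Sizes of every request from this source within [start, start+window]
            in_win = [s for t, s in evs[i:] if t - start <= window]
            if len(in_win) >= min_requests and len(set(in_win)) >= min_distinct_sizes:
                flagged[src] = (len(in_win), len(set(in_win)))
                break
    return flagged
```

Sparse, constant-size logins (198.51.100.9 above) stay unflagged; a tight burst of size-varying posts, which is exactly what padding-walk probing produces, is reported.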
Remediation
| Action | Detail |
|---|---|
| Primary fix | Apply the Citrix fix per advisory CTX696604 (NetScaler ADC/Gateway 14.1-72.61+ / 13.1-63.18+) |
| Mitigation | Restrict /saml/login and other authentication endpoints to expected client sources where feasible; monitor for anomalous session reuse |
| Cleanup | Following patching, consider invalidating all active sessions given the potential for prior session-token leakage |
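An added helper, not part of the archived PoC or the Citrix advisory, that checks a NetScaler version string against the fixed builds stated in the table above. The accepted version-string formats are assumptions, and only the 14.1 and 13.1 mainline branches are modelled; the FIPS and NDcPP builds listed at the top of this entry have their own thresholds.

```python
import re

# Fixed builds for the mainline branches as stated on this page.
# FIPS / NDcPP builds are deliberately not modelled here (assumption).
FIXED_BUILDS = {"14.1": (72, 61), "13.1": (63, 18)}

# Accepts forms such as "14.1-70.12" or "NS14.1 72.61" (assumed formats).
_VER_RE = re.compile(r"^(?:NS)?(\d+\.\d+)[- ](\d+)\.(\d+)")

def parse_ns_version(s):
    """Split a version string into (branch, (build_major, build_minor))."""
    m = _VER_RE.match(s.strip())
    if not m:
        raise ValueError(f"unrecognised NetScaler version: {s!r}")
    return m.group(1), (int(m.group(2)), int(m.group(3)))

def is_vulnerable(version):
    """True if the build is below the fixed build for its branch, False if at
    or above it, None if the branch is not one this check knows about."""
    branch, build = parse_ns_version(version)
    fixed = FIXED_BUILDS.get(branch)
    if fixed is None:
        return None
    return build < fixed
```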
References
- CitrixBleed To Infinity And Beyond — CVE-2026-8451 (watchTowr Labs)
- Citrix Security Advisory CTX696604
- Citrix NetScaler flaw CVE-2026-8451 with echoes of CitrixBleed (CyberScoop)
- Source repository (watchtowrlabs)
Notes
Mirrored from https://github.com/watchtowrlabs/watchTowr-vs-Netscaler-CVE-2026-8451 on 2026-07-03. Official watchTowr Labs research repo (author: Aliz / @alizTheHax0r) — genuine and credible, but deliberately scoped as a “Detection Artifact Generator” rather than a full exploit. Treat any third-party claims of a complete session-hijack/RCE chain for this CVE with skepticism until corroborated by a named researcher or vendor writeup.