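#!/usr/bin/env python3
"""
Safe CVE-2026-34724 Checker for Zammad
- Only checks version (no RCE attempt)
- Sends a single GET to /api/v1/version without credentials

The verdict is derived only from the version string the server reports. It is
an indication for patch triage, not proof that an instance is or is not
exploitable: a reverse proxy, a backported fix or a tampered response can all
make the reported version misleading.

NOTE(review): whether /api/v1/version answers without a session depends on the
deployment -- confirm. A non-200 answer is reported as "failed to fetch".
"""
import argparse
import re
import sys

import requests

# check_zammad() skips certificate verification unless asked otherwise, so the
# per-request InsecureRequestWarning is silenced here.
requests.packages.urllib3.disable_warnings()

# Fixed releases as named in the advisory text printed below.
_FIXED_6X = (6, 5, 4)
_FIXED_7X = (7, 0, 1)

# Leading "major.minor.patch"; anything after it (build suffix) is ignored.
_VERSION_RE = re.compile(r"^\s*(\d+)\.(\d+)\.(\d+)")


def _classify_version(version):
    """Map a reported version string to 'patched', 'vulnerable' or 'unknown'.

    Only the 6.x and 7.x branches are judged, each against its own fixed
    release. Anything that is not a string, does not start with three numeric
    components, or belongs to another major branch is 'unknown'.
    """
    match = _VERSION_RE.match(version) if isinstance(version, str) else None
    if match is None:
        return "unknown"

    parsed = tuple(int(part) for part in match.groups())
    if parsed[0] == 6:
        return "patched" if parsed >= _FIXED_6X else "vulnerable"
    if parsed[0] == 7:
        return "patched" if parsed >= _FIXED_7X else "vulnerable"
    return "unknown"


def check_zammad(url, verify_tls=False):
    """Fetch the Zammad version from *url* and print a patch verdict.

    Args:
        url: Base URL of the instance; a trailing slash is stripped.
        verify_tls: Verify the server certificate. Defaults to False so that
            instances with self-signed certificates can still be checked; in
            that mode the response is not authenticated and an on-path
            attacker could alter the reported version.

    Returns:
        None. All results are printed.
    """
    base_url = url.rstrip("/")
    version_url = f"{base_url}/api/v1/version"

    print(f"[*] Checking Zammad version at: {base_url}")
    print("[*] This is a SAFE check — no payload is sent.\n")
    if not verify_tls:
        print("[!] TLS certificate verification is disabled — the reported version is not authenticated.")

    try:
        r = requests.get(version_url, verify=verify_tls, timeout=10)
    except requests.exceptions.RequestException as e:
        print(f"[-] Connection error: {e}")
        return

    if r.status_code != 200:
        print(f"[-] Failed to fetch version. Status: {r.status_code}")
        print("    Tip: Make sure the target is a Zammad instance and /api/v1/version is accessible.")
        return

    # A 200 answer is not necessarily JSON (login page, proxy error page), and
    # valid JSON is not necessarily an object.
    try:
        data = r.json()
    except ValueError:
        print("[-] Could not parse version.")
        return
    version = data.get("version", "Unknown") if isinstance(data, dict) else "Unknown"

    print(f"[+] Zammad Version Detected: {version}")
    if version == "Unknown":
        print("[-] Could not parse version.")
        return

    # Compare against the fixed release of the matching branch. The 6.x branch
    # has its own fixed release, so 6.5.4 and later must not be reported as
    # vulnerable, and 7.x is compared rather than assumed patched.
    verdict = _classify_version(version)
    if verdict == "patched":
        if version.lstrip().startswith("6."):
            print("✅ SAFE - Patched (6.5.4 or newer on the 6.x branch)")
        else:
            print("✅ SAFE - Patched (7.0.1 or newer)")
    elif verdict == "vulnerable":
        if version.lstrip().startswith("6."):
            print("❌ VULNERABLE - 6.x branch (upgrade to 6.5.4 or 7.0.1 recommended)")
        else:
            print("❌ VULNERABLE - 7.0.0 (upgrade to 7.0.1 required)")
    else:
        print("⚠️ Unknown version branch. Manually check against 7.0.1 / 6.5.4")

    print("\nOfficial Fix: Upgrade to Zammad 7.0.1 or 6.5.4")
    print("Reference: https://github.com/zammad/zammad/security/advisories/GHSA-fg9w-jg8f-4j94")


if __name__ == "__main__":
    parser = argparse.ArgumentParser(description="Safe CVE-2026-34724 Version Checker")
    parser.add_argument("-u", "--url", required=True,
                        help="Target URL (e.g. https://zammad.example.com)")
    parser.add_argument("--verify-tls", action="store_true",
                        help="Verify the server certificate (off by default)")
    args = parser.parse_args()
    check_zammad(args.url, verify_tls=args.verify_tls)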