oseasfr

Python script for detecting Nginx instances vulnerable to CVE-2026-42945 across IPs, CIDRs and ASNs.

60% credibility
Found May 21, 2026 at 14 stars.
AI Analysis
Python
AI Summary

This is a security scanning tool designed to help system administrators identify web servers running outdated versions of Nginx that are vulnerable to a known security flaw. The tool can check individual servers, entire network ranges, or large blocks of internet addresses. It connects to each target, reads information about the Nginx version installed, and classifies each server as safe, vulnerable, or needing further investigation. Results are saved in organized reports so administrators can track which servers need updating. The tool includes clear instructions for fixing vulnerable servers by upgrading to the latest secure version.

How It Works

1. 🔍 You hear about a security issue

You learn that older versions of Nginx web servers have a vulnerability that needs to be fixed.

2. 📦 You download the scanner

You get a small program that can automatically check your servers to see if they're affected.

3. 🎯 You choose what to check

You tell the scanner which servers to examine: a single address, a whole network range, or even an entire internet provider block.

4. The scanner goes to work

The program visits each server, checks what version of Nginx is running, and records whether it's safe or needs attention.

5. You receive your results

All servers are safe: Your infrastructure is protected and you can relax.

⚠️ Some servers need attention: You see exactly which servers are running outdated versions and need to be updated.

🛡️ You update and secure everything

Following the provided instructions, you update the vulnerable servers and your web infrastructure is protected again.

AI-Generated Review

What is Scanner_CVE_2026-42945?

This is a Python-based vulnerability scanner that detects Nginx instances exposed to CVE-2026-42945 (NGINX RIFT). The tool probes HTTP and HTTPS endpoints on standard ports, reads the Server header, and classifies each host as vulnerable, safe, or potentially affected with a hidden version. It accepts individual IPs, CIDR ranges, and full ASNs as targets, making it suitable for scanning both small internal networks and large ISP allocations. Results are written to timestamped log files and CSV output for easy integration into security workflows.
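The Server-header classification described above can be sketched as follows. This is an added example, not code from the Scanner_CVE_2026-42945 repository: the function names, the extra `not_nginx` label and the single `first_fixed` threshold are assumptions, and the version used in the demo is a constructed placeholder rather than the real patched release.

```python
import re
from typing import Optional, Tuple

Version = Tuple[int, ...]

# "nginx", optionally followed by "/<dotted version>"; trailing text such as
# " (Ubuntu)" is ignored, and lookalikes such as "nginxx" are rejected.
_NGINX_RE = re.compile(r"^\s*nginx(?:/(\d+(?:\.\d+)*))?(?![\w.])", re.IGNORECASE)


def parse_nginx_banner(server_header: Optional[str]) -> Tuple[bool, Optional[Version]]:
    """Return (is_nginx, version); version is None when the banner hides it."""
    if not server_header:
        return False, None
    m = _NGINX_RE.match(server_header)
    if not m:
        return False, None
    if m.group(1) is None:
        return True, None  # "server_tokens off" yields a bare "nginx"
    return True, tuple(int(p) for p in m.group(1).split("."))


def _pad(v: Version, width: int) -> Version:
    """Right-pad with zeros so (1, 2) compares equal to (1, 2, 0)."""
    return v + (0,) * (width - len(v))


def classify(server_header: Optional[str], first_fixed: Version) -> str:
    """Classify one Server header against a caller-supplied patched release."""
    is_nginx, version = parse_nginx_banner(server_header)
    if not is_nginx:
        return "not_nginx"
    if version is None:
        return "hidden_version"  # the banner alone cannot rule the host out
    width = max(len(version), len(first_fixed))
    return "vulnerable" if _pad(version, width) < _pad(first_fixed, width) else "safe"


if __name__ == "__main__":
    PLACEHOLDER_FIXED = (1, 2, 3)  # constructed value, NOT the real fixed release
    # Constructed sample banners.
    for banner in ["nginx/1.2.2", "nginx/1.2.3 (Ubuntu)", "nginx", "Apache/2.4.0", None]:
        print(repr(banner), "->", classify(banner, PLACEHOLDER_FIXED))
```

A banner reports only the upstream version string, and distribution packages may carry backported fixes, so a "vulnerable" result is a prompt to check the installed package rather than proof of exposure.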

Why is it gaining traction?

The scanner goes beyond simple IP scanning by accepting ASN numbers and resolving their originated prefixes via RIPE Stat or bgp.tools, enabling whole-organization scans. Its two-phase architecture handles DNS resolution separately from HTTP probing, keeping scans fast even against thousands of hosts. The tool includes threaded execution with configurable workers, CSV export, and explicit warnings about unauthorized scanning, showing thoughtful design for real-world security work.

Who should use this?

Security engineers evaluating CVE-2026-42945 exposure, DevOps teams managing Nginx fleets across multiple environments, and pentesters verifying client patches will find this useful. Organizations running large internal networks with unpatched Nginx instances can use this to quickly enumerate at-risk hosts before planning remediation.

Verdict

With only 14 stars and a credibility score of 60%, this is a niche tool from an unknown author lacking formal test coverage or established community. That said, the CLI is practical, the detection logic is auditable, and the multi-format input support makes it viable for targeted CVE work. Use it with caution in production environments and verify results independently.
