CVE-2019-19781
CVE-2019-19781
In short
Citrix ADC and Gateway versions 10.5 through 13.0 contain a directory traversal vulnerability that allows attackers to access files and directories outside their intended location on the server, potentially exposing sensitive system information and configurations.
Technical detail
A path traversal vulnerability in Citrix ADC/Gateway enables unauthenticated remote attackers to bypass access controls and read arbitrary files on the affected system by manipulating file paths with directory traversal sequences (e.g., ../). The vulnerability affects multiple versions and can lead to unauthorized disclosure of sensitive data including credentials and system configuration.
Summary generated and translated by AI from the official description.
An issue was discovered in Citrix Application Delivery Controller (ADC) and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0. They allow Directory Traversal.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
n/a · n/apublic PoCs found — 54
githubgithub.com/trustedsec/cve-2019-19781★ 572githubgithub.com/projectzeroindia/CVE-2019-19781★ 366githubgithub.com/mpgn/CVE-2019-19781★ 158githubgithub.com/MalwareTech/CitrixHoneypot★ 120githubgithub.com/cisagov/check-cve-2019-19781★ 109githubgithub.com/mandiant/ioc-scanner-CVE-2019-19781★ 94githubgithub.com/jas502n/CVE-2019-19781★ 85githubgithub.com/citrix/ioc-scanner-CVE-2019-19781★ 58githubgithub.com/aqhmal/CVE-2019-19781★ 11githubgithub.com/w4fz5uck5/CVE-2019-19781-CitrixRCE★ 10githubgithub.com/ianxtianxt/CVE-2019-19781★ 7githubgithub.com/VladRico/CVE-2019-19781★ 7githubgithub.com/unknowndevice64/Exploits_CVE-2019-19781★ 4githubgithub.com/k-fire/CVE-2019-19781-exploit★ 3githubgithub.com/onSec-fr/CVE-2019-19781-Forensic★ 3githubgithub.com/j81blog/ADC-19781★ 3githubgithub.com/oways/CVE-2019-19781★ 2githubgithub.com/DanielWep/CVE-NetScalerFileSystemCheck★ 2githubgithub.com/andripwn/CVE-2019-19781★ 2githubgithub.com/Vulnmachines/Ctirix_RCE-CVE-2019-19781★ 1githubgithub.com/r4ulcl/CVE-2019-19781★ 1githubgithub.com/redscan/CVE-2019-19781★ 1githubgithub.com/nmanzi/webcvescanner★ 1githubgithub.com/Azeemering/CVE-2019-19781-DFIR-Notes★ 0githubgithub.com/tpdlshdmlrkfmcla/CVE-2019-19781★ 0githubgithub.com/zerobytesecure/CVE-2019-19781★ 0githubgithub.com/pwn3z/CVE-2019-19781-Citrix★ 0githubgithub.com/becrevex/Citrix_CVE-2019-19781★ 0githubgithub.com/jamesjguthrie/Shitrix-CVE-2019-19781★ 0githubgithub.com/hollerith/CVE-2019-19781★ 0githubgithub.com/mekhalleh/citrix_dir_traversal_rce★ 0githubgithub.com/zgelici/CVE-2019-19781-Checker★ 0githubgithub.com/digitalshadows/CVE-2019-19781_IOCs★ 0githubgithub.com/autocode07/cisagov__check-cve-2019-19781.4142e02b★ 0githubgithub.com/0xams/citrixvulncheck★ 0githubgithub.com/EliusHHimel/citrix-honeypot★ 0githubgithub.com/darren646/CVE-2019-19781POC★ 0githubgithub.com/Roshi99/Remote-Code-Execution-Exploit-for-Citrix-Application-Delivery-Controller-and-Citrix-Gateway-CVE-201★ 0githubgithub.com/yukar1z0e/CVE-2019-19781★ 0githubgithub.com/SharpHack/CVE-2019-19781★ 0githubgithub.com/qiong-qi/CVE-2019-19781-poc★ 0githubgithub.com/Castaldio86/Detect-CVE-2019-19781★ 0githubgithub.com/awesome-security/citrixmash_scanner★ 0githubgithub.com/b510/CVE-2019-19781★ 0githubgithub.com/digitalgangst/massCitrix★ 0githubgithub.com/L4r1k/CitrixNetscalerAnalysis★ 0cve_referencepacketstormsecurity.com/files/155972/Citrix-ADC-Gateway-Path-Traversal.htmlunverifiedcve_referencepacketstormsecurity.com/files/155905/Citrix-Application-Delivery-Controller-Gateway-Remote-Code-Execution-Traversal.htmlunverifiedcve_referencepacketstormsecurity.com/files/155947/Citrix-ADC-NetScaler-Directory-Traversal-Remote-Code-Execution.htmlunverifiedcve_referencepacketstormsecurity.com/files/155904/Citrix-Application-Delivery-Controller-Gateway-Remote-Code-Execution.htmlunverifiedexploitdbwww.exploit-db.com/exploits/47901unverifiedexploitdbwww.exploit-db.com/exploits/47913unverifiedexploitdbwww.exploit-db.com/exploits/47930unverifiedcve_referencepacketstormsecurity.com/files/155930/Citrix-Application-Delivery-Controller-Gateway-10.5-Remote-Code-Execution.htmlunverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://packetstormsecurity.com/files/155904/Citrix-Application-Delivery-Controller-Gateway-Remote-Code-Execution.htmlhttp://packetstormsecurity.com/files/155905/Citrix-Application-Delivery-Controller-Gateway-Remote-Code-Execution-Traversal.htmlhttp://packetstormsecurity.com/files/155930/Citrix-Application-Delivery-Controller-Gateway-10.5-Remote-Code-Execution.htmlhttp://packetstormsecurity.com/files/155947/Citrix-ADC-NetScaler-Directory-Traversal-Remote-Code-Execution.htmlhttp://packetstormsecurity.com/files/155972/Citrix-ADC-Gateway-Path-Traversal.htmlhttps://badpackets.net/over-25000-citrix-netscaler-endpoints-vulnerable-to-cve-2019-19781/https://forms.gle/eDf3DXZAv96oosfj6https://support.citrix.com/article/CTX267027https://twitter.com/bad_packets/status/1215431625766424576https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-19781https://www.kb.cert.org/vuls/id/619785