.. / CVE-2019-19781

Exploit for Citrix ADC and Gateway - Directory Traversal (CVE-2019-19781)

Description:

Citrix Application Delivery Controller (ADC) and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0 are susceptible to directory traversal vulnerabilities.

Nuclei Template

View the template here CVE-2019-19781.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2019/CVE-2019-19781.yaml

References:

https://support.citrix.com/article/CTX267027
https://www.kb.cert.org/vuls/id/619785
http://packetstormsecurity.com/files/155905/Citrix-Application-Delivery-Controller-Gateway-Remote-Code-Execution-Traversal.html
http://packetstormsecurity.com/files/155904/Citrix-Application-Delivery-Controller-Gateway-Remote-Code-Execution.html
https://nvd.nist.gov/vuln/detail/CVE-2019-19781