Exploit for #VU24233 Path traversal in Citrix NetScaler Application Delivery Controller

Published: 2020-03-18 | Updated: 2021-06-17

Vulnerability identifier: #VU24233

Vulnerability risk: Critical

CVSSv4.0: 9.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Red]

CVE-ID: CVE-2019-19781

CWE-ID: CWE-22

Exploitation vector: Network

Exploits in database: 20

June 17, 2021
May 9, 2021
- Citrix ADC (NetScaler) Directory Traversal RCE [Metasploit]
July 30, 2020
- CVE-2019-19781 (Shitrix : CVE-2019-19781 - Remote Code Execution on Citrix ADC Netscaler exploit ) [Github]
May 12, 2020
- Remote-Code-Execution-Exploit-for-Citrix-Application-Delivery-Controller-and-Citrix-Gateway-CVE-201 (This document explain Remote Code Execution Exploit for Citrix Application Delivery Controller and Citrix Gateway [CVE-2019-19781]) [Github]
March 18, 2020

Vulnerable software:
Citrix NetScaler Application Delivery Controller
Server applications / Application servers

Vendor: Citrix