Exploit for #VU24233 Path traversal in Citrix NetScaler Application Delivery Controller

Published: 2020-03-18 | Updated: 2021-06-17

Vulnerability identifier: #VU24233

Vulnerability risk: Critical

CVSSv3.1: 9.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H/RL:U/RC:C]

CVE-ID: CVE-2019-19781

CWE-ID: CWE-22

Exploitation vector: Network

Exploits in database: 20

June 17, 2021
May 9, 2021
- Citrix ADC (NetScaler) Directory Traversal RCE [Metasploit]
July 30, 2020
- CVE-2019-19781 (Shitrix : CVE-2019-19781 - Remote Code Execution on Citrix ADC Netscaler exploit ) [Github]
May 12, 2020
- Remote-Code-Execution-Exploit-for-Citrix-Application-Delivery-Controller-and-Citrix-Gateway-CVE-201 (This document explain Remote Code Execution Exploit for Citrix Application Delivery Controller and Citrix Gateway [CVE-2019-19781]) [Github]
March 18, 2020

Impact: Code execution

Vulnerable software:
Citrix NetScaler Application Delivery Controller
Server applications / Application servers

Vendor: Citrix