Citrix ADC Remote Code Execution, CVE-2019-19781

Citrix ADC Remote Code Execution, CVE-2019-19781

Introduction

Last month, a critical vulnerability in Citrix ADC and Citrix Gateway was published under CVE-2019-19781. The vulnerability caught our attention as it suggested that an unauthenticated adversary could leverage it to compromise the device.

Although there were no publicly available details on how to exploit this issue, the mitigation advisory from Citrix revealed a potential clue to the type of vulnerability that it was.

There is a nice analysis of the details of the vulnerability on mdsec website. You can reach from there.

We wrote an NSE script to identify if your asset is vulnerable or not quickly. You can reach the script from our GitHub account.

If you have any issues you can use Github Issues to inform us. Have fun!