By cyberstruggle
inArticles, Delta Group
Introduction
Last month, a critical vulnerability in Citrix ADC and Citrix Gateway was published under CVE-2019-19781. The vulnerability caught our attention as it suggested that an unauthenticated adversary could leverage it to compromise the device.
Although there were no publicly available details on how to exploit this issue, the mitigation advisory from Citrix revealed a potential clue to the type of vulnerability that it was.
There is a nice analysis about the details of vulnerability on mdsec website. You can reach from there.
We wrote NSE script to identify if your asset is vulnerable or not quickly. You can reach the script from our github account.
If you have any issue you can use Github Issues to inform us. Have fun!