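I. Basic information on vulnerability CVE-2019-19781
Vulnerability information
# N/A

## Overview
Citrix Application Delivery Controller (ADC) and Gateway have a directory traversal security issue.

## Affected versions
- 10.5
- 11.1
- 12.0
- 12.1
- 13.0

## Details
The issue allows an attacker to use directory traversal to access restricted files or directories.

## Impact
An attacker can use this vulnerability to read or access files and data on the system that should be protected, leading to disclosure of sensitive information and other potential security risks.
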
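Shenlong assessment

Is this a web vulnerability:

Reasoning:

Yes. This vulnerability exists in multiple versions of Citrix Application Delivery Controller (ADC) and Gateway and allows an attacker to access arbitrary files on the server through directory traversal. It is a server-side security vulnerability because it affects the back-end processing logic of the web service and may lead to disclosure of sensitive information.
Note
Although we use advanced large-model technology, its output may still contain inaccurate or outdated information.
Shenlong makes every effort to keep the data accurate, but please verify it against your actual situation.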
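Vulnerability title
N/A
Source: U.S. National Vulnerability Database (NVD)
Vulnerability description
An issue was discovered in Citrix Application Delivery Controller (ADC) and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0. They allow Directory Traversal.
Source: U.S. National Vulnerability Database (NVD)
CVSS information
N/A
Source: U.S. National Vulnerability Database (NVD)
Vulnerability category
N/A
Source: U.S. National Vulnerability Database (NVD)
Vulnerability title
Path traversal vulnerability in Citrix Application Delivery Controller and Citrix Systems Gateway
Source: China National Vulnerability Database of Information Security (CNNVD)
Vulnerability description
Citrix Systems NetScaler Gateway (Citrix Systems Gateway) and Citrix Application Delivery Controller (ADC) are both products of Citrix Systems, a U.S. company. Citrix Systems NetScaler Gateway is a secure remote access solution. It gives administrators application-level and data-level control so that users can access applications and data remotely from any location. Citrix Application Delivery Controll
Source: China National Vulnerability Database of Information Security (CNNVD)
CVSS information
N/A
Source: China National Vulnerability Database of Information Security (CNNVD)
Vulnerability category
Path traversal
Source: China National Vulnerability Database of Information Security (CNNVD)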
II. Public POCs for vulnerability CVE-2019-19781

| # | POC description | Source link |
|---|---|---|
| 1 | Remote Code Execution Exploit for Citrix Application Delivery Controller and Citrix Gateway [ CVE-2019-19781 ] | https://github.com/projectzeroindia/CVE-2019-19781 |
| 2 | This is a tool published for the Citrix ADC (NetScaler) vulnerability. We are only disclosing this due to others publishing the exploit code first. | https://github.com/trustedsec/cve-2019-19781 |
| 3 | Test a host for susceptibility to CVE-2019-19781 | https://github.com/cisagov/check-cve-2019-19781 |
| 4 | Citrix ADC Remote Code Execution | https://github.com/jas502n/CVE-2019-19781 |
| 5 | Remote Code Execution Exploit for Citrix Application Delivery Controller and Citrix Gateway [ CVE-2019-19781 ] | https://github.com/ianxtianxt/CVE-2019-19781 |
| 6 | CVE-2019-19781 - Remote Code Execution on Citrix ADC Netscaler exploit | https://github.com/mpgn/CVE-2019-19781 |
| 7 | CVE-2019-19781 Citrix RCE | https://github.com/oways/CVE-2019-19781 |
| 8 | Took at stab at an NSE discovery script for CVE-2019-19781. | https://github.com/becrevex/Citrix_CVE-2019-19781 |
| 9 | All Working Exploits | https://github.com/unknowndevice64/Exploits_CVE-2019-19781 |
| 10 | A fast multi threaded scanner for Citrix ADC (NetScaler) CVE-2019-19781 - Citrixmash / Shitrix | https://github.com/haxrob/citrixmash_scanner |
| 11 | My working exploit script for Shitrix (CVE-2019-19781) | https://github.com/jamesjguthrie/Shitrix-CVE-2019-19781 |
| 12 | DFIR notes for Citrix ADC (NetScaler) appliances vulnerable to CVE-2019-19781 | https://github.com/haxrob/CVE-2019-19781 |
| 13 | Citrix Netscaler RCE | https://github.com/hollerith/CVE-2019-19781 |
| 14 | Automated script for Citrix ADC scanner (CVE-2019-19781) using hosts retrieved from Shodan API. You must have a Shodan account to use this script. | https://github.com/aqhmal/CVE-2019-19781 |
| 15 | Detect and log CVE-2019-19781 scan and exploitation attempts. | https://github.com/MalwareTech/CitrixHoneypot |
| 16 | The exploitation module for the CVE-2019-19781 #Shitrix (Vulnerability in Citrix Application Delivery Controller and Citrix Gateway). | https://github.com/mekhalleh/citrix_dir_traversal_rce |
| 17 | None | https://github.com/zenturacp/cve-2019-19781-web |
| 18 | Check your website for CVE-2019-19781 Vulnerable | https://github.com/zgelici/CVE-2019-19781-Checker |
| 19 | IOCs for CVE-2019-19781 | https://github.com/digitalshadows/CVE-2019-19781_IOCs |
| 20 | Automated forensic script hunting for cve-2019-19781 | https://github.com/onSec-fr/CVE-2019-19781-Forensic |
| 21 | This script checks the Citrix Netscaler if it has been compromised by CVE-2019-19781 attacks and collects all file system information | https://github.com/DanielWep/CVE-NetScalerFileSystemCheck |
| 22 | None | https://github.com/Castaldio86/Detect-CVE-2019-19781 |
| 23 | Check ADC for CVE-2019-19781 | https://github.com/j81blog/ADC-19781 |
| 24 | For batch proof-of-concept testing | https://github.com/b510/CVE-2019-19781 |
| 25 | CVE-2019-19781 Attack Triage Script | https://github.com/redscan/CVE-2019-19781 |
| 26 | CVE-2019-19781 bash exploit | https://github.com/ynsmroztas/citrix.sh |
| 27 | Code developed for mass checking of the CVE-2019-19781 vulnerability on hosts discovered via Shodan. Pull requests are welcome. | https://github.com/digitalgangst/massCitrix |
| 28 | Indicator of Compromise Scanner for CVE-2019-19781 | https://github.com/mandiant/ioc-scanner-CVE-2019-19781 |
| 29 | Indicator of Compromise Scanner for CVE-2019-19781 | https://github.com/citrix/ioc-scanner-CVE-2019-19781 |
| 30 | Citrix ADC (NetScaler) Honeypot. Supports detection for CVE-2019-19781 and login attempts | https://github.com/haxrob/citrix-honeypot |
| 31 | :microscope: Jupyter notebook to help automate some of the forensic analysis related to Citrix Netscalers compromised via CVE-2019-19781 | https://github.com/L4r1k/CitrixNetscalerAnalysis |
| 32 | My Citrix ADC NetScaler CVE-2019-19781 Vulnerability DFIR notes. | https://github.com/Azeemering/CVE-2019-19781-DFIR-Notes |
| 33 | a script to look for CVE-2019-19781 Vulnerability within a domain and it's subdomains | https://github.com/0xams/citrixvulncheck |
| 34 | Python CVE-2019-19781 exploit | https://github.com/r4ulcl/CVE-2019-19781 |
| 35 | Gather a list of Citrix appliances in a country / state pair, and check if they're vulnerable to CVE-2019-19781 | https://github.com/nmanzi/webcvescanner |
| 36 | None | https://github.com/darren646/CVE-2019-19781POC |
| 37 | citrix adc rce | https://github.com/5l1v3r1/Citrix_CVE-2019-19781 |
| 38 | This document explain Remote Code Execution Exploit for Citrix Application Delivery Controller and Citrix Gateway [CVE-2019-19781] | https://github.com/Roshi99/Remote-Code-Execution-Exploit-for-Citrix-Application-Delivery-Controller-and-Citrix-Gateway-CVE-201 |
| 39 | None | https://github.com/yukar1z0e/CVE-2019-19781 |
| 40 | None | https://github.com/SharpHack/CVE-2019-19781 |
| 41 | Modified PoC, compatible with Python 3 | https://github.com/qiong-qi/CVE-2019-19781-poc |
| 42 | Citrix Unauthorized Remote Code Execution Attacker - CVE-2019-19781 | https://github.com/w4fz5uck5/CVE-2019-19781-CitrixRCE |
| 43 | Citrix ADC scanner (CVE-2019-19781) using hosts retrieved from Shodan API. | https://github.com/andripwn/CVE-2019-19781 |
| 44 | Shitrix : CVE-2019-19781 - Remote Code Execution on Citrix ADC Netscaler exploit | https://github.com/VladRico/CVE-2019-19781 |
| 45 | None | https://github.com/pwn3z/CVE-2019-19781-Citrix |
| 46 | Citrix ADC RCE cve-2019-19781 | https://github.com/Vulnmachines/Ctirix_RCE-CVE-2019-19781 |
| 47 | CVE-2019-19781 | https://github.com/k-fire/CVE-2019-19781-exploit |
| 48 | None | https://github.com/zerobytesecure/CVE-2019-19781 |
| 49 | None | https://github.com/citrixgitoff/-ioc-scanner-CVE-2019-19781 |
| 50 | RCE, Citirx ADC and Gateway Directory Traversal | https://github.com/chihyeonwon/CVE-2019-19781 |
| 51 | RCE, Citirx ADC and Gateway Directory Traversal | https://github.com/mr-won/CVE-2019-19781 |
| 52 | Citrix Application Delivery Controller (ADC) and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0 are susceptible to directory traversal vulnerabilities. | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2019/CVE-2019-19781.yaml |
| 53 | None | https://github.com/Threekiii/Awesome-POC/blob/master/%E7%BD%91%E7%BB%9C%E8%AE%BE%E5%A4%87%E6%BC%8F%E6%B4%9E/Citrix%20%E8%BF%9C%E7%A8%8B%E5%91%BD%E4%BB%A4%E6%89%A7%E8%A1%8C%E6%BC%8F%E6%B4%9E%20CVE-2019-19781.md |
| 54 | RCE, Citirx ADC and Gateway Directory Traversal | https://github.com/user20252228/CVE-2019-19781 |
| 55 | A fast multi threaded scanner for Citrix ADC (NetScaler) CVE-2019-19781 - Citrixmash | https://github.com/awesome-security/citrixmash_scanner |
| 56 | Citrix ADC (NetScaler) Honeypot. Supports detection for CVE-2019-19781 and login attempts | https://github.com/EliusHHimel/citrix-honeypot |
| 57 | RCE, Citirx ADC and Gateway Directory Traversal | https://github.com/tpdlshdmlrkfmcla/CVE-2019-19781 |
| 58 | None | https://github.com/autocode07/cisagov__check-cve-2019-19781.4142e02b |
III. Intelligence information for vulnerability CVE-2019-19781