一、 漏洞 CVE-2019-19781 基础信息
漏洞标题
N/A
来源:AIGC 神龙大模型
漏洞描述信息
在 Citrix Application Delivery Controller (ADC) 和 Gateway 10.5、11.1、12.0、12.1 和 13.0 中发现了一个问题。它们允许目录浏览。
来源:AIGC 神龙大模型
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
来源:AIGC 神龙大模型
漏洞类别
N/A
来源:AIGC 神龙大模型
漏洞标题
N/A
来源:美国国家漏洞数据库 NVD
漏洞描述信息
An issue was discovered in Citrix Application Delivery Controller (ADC) and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0. They allow Directory Traversal.
来源:美国国家漏洞数据库 NVD
CVSS信息
N/A
来源:美国国家漏洞数据库 NVD
漏洞类别
N/A
来源:美国国家漏洞数据库 NVD
漏洞标题
Citrix Application Delivery Controller和Citrix Systems Gateway 路径遍历漏洞
来源:中国国家信息安全漏洞库 CNNVD
漏洞描述信息
Citrix Systems NetScaler Gateway(Citrix Systems Gateway)和Citrix Application Delivery Controller(ADC)都是美国思杰系统(Citrix Systems)公司的产品。Citrix Systems NetScaler Gateway是一套安全的远程接入解决方案。该方案可为管理员提供应用级和数据级管控功能,以实现用户从任何地点远程访问应用和数据。Citrix Application Delivery Controll
来源:中国国家信息安全漏洞库 CNNVD
CVSS信息
N/A
来源:中国国家信息安全漏洞库 CNNVD
漏洞类别
路径遍历
来源:中国国家信息安全漏洞库 CNNVD
二、漏洞 CVE-2019-19781 的公开POC
# POC 描述 源链接 神龙链接
1 Remote Code Execution Exploit for Citrix Application Delivery Controller and Citrix Gateway [ CVE-2019-19781 ] https://github.com/projectzeroindia/CVE-2019-19781 POC详情
2 This is a tool published for the Citrix ADC (NetScaler) vulnerability. We are only disclosing this due to others publishing the exploit code first. https://github.com/trustedsec/cve-2019-19781 POC详情
3 Test a host for susceptibility to CVE-2019-19781 https://github.com/cisagov/check-cve-2019-19781 POC详情
4 Citrix ADC Remote Code Execution https://github.com/jas502n/CVE-2019-19781 POC详情
5 Remote Code Execution Exploit for Citrix Application Delivery Controller and Citrix Gateway [ CVE-2019-19781 ] https://github.com/ianxtianxt/CVE-2019-19781 POC详情
6 CVE-2019-19781 - Remote Code Execution on Citrix ADC Netscaler exploit https://github.com/mpgn/CVE-2019-19781 POC详情
7 CVE-2019-19781 Citrix RCE https://github.com/oways/CVE-2019-19781 POC详情
8 Took at stab at an NSE discovery script for CVE-2019-19781. https://github.com/becrevex/Citrix_CVE-2019-19781 POC详情
9 All Working Exploits https://github.com/unknowndevice64/Exploits_CVE-2019-19781 POC详情
10 A fast multi threaded scanner for Citrix ADC (NetScaler) CVE-2019-19781 - Citrixmash / Shitrix https://github.com/haxrob/citrixmash_scanner POC详情
11 My working exploit script for Shitrix (CVE-2019-19781) https://github.com/jamesjguthrie/Shitrix-CVE-2019-19781 POC详情
12 DFIR notes for Citrix ADC (NetScaler) appliances vulnerable to CVE-2019-19781 https://github.com/haxrob/CVE-2019-19781 POC详情
13 Citrix Netscaler RCE https://github.com/hollerith/CVE-2019-19781 POC详情
14 Automated script for Citrix ADC scanner (CVE-2019-19781) using hosts retrieved from Shodan API. You must have a Shodan account to use this script. https://github.com/aqhmal/CVE-2019-19781 POC详情
15 Detect and log CVE-2019-19781 scan and exploitation attempts. https://github.com/MalwareTech/CitrixHoneypot POC详情
16 The exploitation module for the CVE-2019-19781 #Shitrix (Vulnerability in Citrix Application Delivery Controller and Citrix Gateway). https://github.com/mekhalleh/citrix_dir_traversal_rce POC详情
17 None https://github.com/zenturacp/cve-2019-19781-web POC详情
18 Check your website for CVE-2019-19781 Vulnerable https://github.com/zgelici/CVE-2019-19781-Checker POC详情
19 IOCs for CVE-2019-19781 https://github.com/digitalshadows/CVE-2019-19781_IOCs POC详情
20 Automated forensic script hunting for cve-2019-19781 https://github.com/onSec-fr/CVE-2019-19781-Forensic POC详情
21 This script checks the Citrix Netscaler if it has been compromised by CVE-2019-19781 attacks and collects all file system information https://github.com/DanielWep/CVE-NetScalerFileSystemCheck POC详情
22 None https://github.com/Castaldio86/Detect-CVE-2019-19781 POC详情
23 Check ADC for CVE-2019-19781 https://github.com/j81blog/ADC-19781 POC详情
24 批量概念驗證用 https://github.com/b510/CVE-2019-19781 POC详情
25 CVE-2019-19781 Attack Triage Script https://github.com/redscan/CVE-2019-19781 POC详情
26 CVE-2019-19781 bash exploit https://github.com/ynsmroztas/citrix.sh POC详情
27 Código desenvolvido para a verificação em massa da vulnerabilidade CVE-2019-19781 de hosts descobertos pelo Shodan. Pull requests são bem vindas. https://github.com/digitalgangst/massCitrix POC详情
28 Indicator of Compromise Scanner for CVE-2019-19781 https://github.com/mandiant/ioc-scanner-CVE-2019-19781 POC详情
29 Indicator of Compromise Scanner for CVE-2019-19781 https://github.com/citrix/ioc-scanner-CVE-2019-19781 POC详情
30 Citrix ADC (NetScaler) Honeypot. Supports detection for CVE-2019-19781 and login attempts https://github.com/haxrob/citrix-honeypot POC详情
31 :microscope: Jupyter notebook to help automate some of the forensic analysis related to Citrix Netscalers compromised via CVE-2019-19781 https://github.com/L4r1k/CitrixNetscalerAnalysis POC详情
32 My Citrix ADC NetScaler CVE-2019-19781 Vulnerability DFIR notes. https://github.com/Azeemering/CVE-2019-19781-DFIR-Notes POC详情
33 a script to look for CVE-2019-19781 Vulnerability within a domain and it's subdomains https://github.com/0xams/citrixvulncheck POC详情
34 Python CVE-2019-19781 exploit https://github.com/r4ulcl/CVE-2019-19781 POC详情
35 Gather a list of Citrix appliances in a country / state pair, and check if they're vulnerable to CVE-2019-19781 https://github.com/nmanzi/webcvescanner POC详情
36 None https://github.com/darren646/CVE-2019-19781POC POC详情
37 citrix adc rce https://github.com/5l1v3r1/Citrix_CVE-2019-19781 POC详情
38 This document explain Remote Code Execution Exploit for Citrix Application Delivery Controller and Citrix Gateway [CVE-2019-19781] https://github.com/Roshi99/Remote-Code-Execution-Exploit-for-Citrix-Application-Delivery-Controller-and-Citrix-Gateway-CVE-201 POC详情
39 None https://github.com/yukar1z0e/CVE-2019-19781 POC详情
40 None https://github.com/SharpHack/CVE-2019-19781 POC详情
41 修改的poc,适用于python3 https://github.com/qiong-qi/CVE-2019-19781-poc POC详情
42 Citrix Unauthorized Remote Code Execution Attacker - CVE-2019-19781 https://github.com/w4fz5uck5/CVE-2019-19781-CitrixRCE POC详情
43 Citrix ADC scanner (CVE-2019-19781) using hosts retrieved from Shodan API. https://github.com/andripwn/CVE-2019-19781 POC详情
44 Shitrix : CVE-2019-19781 - Remote Code Execution on Citrix ADC Netscaler exploit https://github.com/VladRico/CVE-2019-19781 POC详情
45 None https://github.com/pwn3z/CVE-2019-19781-Citrix POC详情
46 Citrix ADC RCE cve-2019-19781 https://github.com/Vulnmachines/Ctirix_RCE-CVE-2019-19781 POC详情
47 CVE-2019-19781 https://github.com/k-fire/CVE-2019-19781-exploit POC详情
48 None https://github.com/zerobytesecure/CVE-2019-19781 POC详情
49 None https://github.com/citrixgitoff/-ioc-scanner-CVE-2019-19781 POC详情
50 RCE, Citirx ADC and Gateway Directory Traversal https://github.com/chihyeonwon/CVE-2019-19781 POC详情
51 RCE, Citirx ADC and Gateway Directory Traversal https://github.com/mr-won/CVE-2019-19781 POC详情
52 Citrix Application Delivery Controller (ADC) and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0 are susceptible to directory traversal vulnerabilities. https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2019/CVE-2019-19781.yaml POC详情
53 None https://github.com/Threekiii/Awesome-POC/blob/master/%E7%BD%91%E7%BB%9C%E8%AE%BE%E5%A4%87%E6%BC%8F%E6%B4%9E/Citrix%20%E8%BF%9C%E7%A8%8B%E5%91%BD%E4%BB%A4%E6%89%A7%E8%A1%8C%E6%BC%8F%E6%B4%9E%20CVE-2019-19781.md POC详情
54 RCE, Citirx ADC and Gateway Directory Traversal https://github.com/user20252228/CVE-2019-19781 POC详情
三、漏洞 CVE-2019-19781 的情报信息