一、 漏洞 CVE-2019-19781 基础信息
漏洞信息
                                        # N/A

## 概述
Citrix Application Delivery Controller (ADC) 和 Gateway 存在一个目录遍历的安全问题。

## 影响版本
- 10.5
- 11.1
- 12.0
- 12.1
- 13.0

## 细节
该问题允许攻击者利用目录遍历漏洞访问受限的文件或目录。

## 影响
攻击者可以利用此漏洞读取或访问系统上本应受到保护的文件和数据,导致敏感信息泄露和其他潜在的安全风险。
提示
尽管我们采用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。
神龙会尽力确保数据准确,但也请结合实际情况进行甄别与判断。
神龙祝您一切顺利!
漏洞标题
N/A
来源:美国国家漏洞数据库 NVD
漏洞描述信息
An issue was discovered in Citrix Application Delivery Controller (ADC) and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0. They allow Directory Traversal.
来源:美国国家漏洞数据库 NVD
CVSS信息
N/A
来源:美国国家漏洞数据库 NVD
漏洞类别
N/A
来源:美国国家漏洞数据库 NVD
漏洞标题
Citrix Application Delivery Controller和Citrix Systems Gateway 路径遍历漏洞
来源:中国国家信息安全漏洞库 CNNVD
漏洞描述信息
Citrix Systems NetScaler Gateway(Citrix Systems Gateway)和Citrix Application Delivery Controller(ADC)都是美国思杰系统(Citrix Systems)公司的产品。Citrix Systems NetScaler Gateway是一套安全的远程接入解决方案。该方案可为管理员提供应用级和数据级管控功能,以实现用户从任何地点远程访问应用和数据。Citrix Application Delivery Controll
来源:中国国家信息安全漏洞库 CNNVD
CVSS信息
N/A
来源:中国国家信息安全漏洞库 CNNVD
漏洞类别
路径遍历
来源:中国国家信息安全漏洞库 CNNVD
二、漏洞 CVE-2019-19781 的公开POC
# POC 描述 源链接 神龙链接
1 Remote Code Execution Exploit for Citrix Application Delivery Controller and Citrix Gateway [ CVE-2019-19781 ] https://github.com/projectzeroindia/CVE-2019-19781 POC详情
2 This is a tool published for the Citrix ADC (NetScaler) vulnerability. We are only disclosing this due to others publishing the exploit code first. https://github.com/trustedsec/cve-2019-19781 POC详情
3 Test a host for susceptibility to CVE-2019-19781 https://github.com/cisagov/check-cve-2019-19781 POC详情
4 Citrix ADC Remote Code Execution https://github.com/jas502n/CVE-2019-19781 POC详情
5 Remote Code Execution Exploit for Citrix Application Delivery Controller and Citrix Gateway [ CVE-2019-19781 ] https://github.com/ianxtianxt/CVE-2019-19781 POC详情
6 CVE-2019-19781 - Remote Code Execution on Citrix ADC Netscaler exploit https://github.com/mpgn/CVE-2019-19781 POC详情
7 CVE-2019-19781 Citrix RCE https://github.com/oways/CVE-2019-19781 POC详情
8 Took at stab at an NSE discovery script for CVE-2019-19781. https://github.com/becrevex/Citrix_CVE-2019-19781 POC详情
9 All Working Exploits https://github.com/unknowndevice64/Exploits_CVE-2019-19781 POC详情
10 A fast multi threaded scanner for Citrix ADC (NetScaler) CVE-2019-19781 - Citrixmash / Shitrix https://github.com/haxrob/citrixmash_scanner POC详情
11 My working exploit script for Shitrix (CVE-2019-19781) https://github.com/jamesjguthrie/Shitrix-CVE-2019-19781 POC详情
12 DFIR notes for Citrix ADC (NetScaler) appliances vulnerable to CVE-2019-19781 https://github.com/haxrob/CVE-2019-19781 POC详情
13 Citrix Netscaler RCE https://github.com/hollerith/CVE-2019-19781 POC详情
14 Automated script for Citrix ADC scanner (CVE-2019-19781) using hosts retrieved from Shodan API. You must have a Shodan account to use this script. https://github.com/aqhmal/CVE-2019-19781 POC详情
15 Detect and log CVE-2019-19781 scan and exploitation attempts. https://github.com/MalwareTech/CitrixHoneypot POC详情
16 The exploitation module for the CVE-2019-19781 #Shitrix (Vulnerability in Citrix Application Delivery Controller and Citrix Gateway). https://github.com/mekhalleh/citrix_dir_traversal_rce POC详情
17 None https://github.com/zenturacp/cve-2019-19781-web POC详情
18 Check your website for CVE-2019-19781 Vulnerable https://github.com/zgelici/CVE-2019-19781-Checker POC详情
19 IOCs for CVE-2019-19781 https://github.com/digitalshadows/CVE-2019-19781_IOCs POC详情
20 Automated forensic script hunting for cve-2019-19781 https://github.com/onSec-fr/CVE-2019-19781-Forensic POC详情
21 This script checks the Citrix Netscaler if it has been compromised by CVE-2019-19781 attacks and collects all file system information https://github.com/DanielWep/CVE-NetScalerFileSystemCheck POC详情
22 None https://github.com/Castaldio86/Detect-CVE-2019-19781 POC详情
23 Check ADC for CVE-2019-19781 https://github.com/j81blog/ADC-19781 POC详情
24 批量概念驗證用 https://github.com/b510/CVE-2019-19781 POC详情
25 CVE-2019-19781 Attack Triage Script https://github.com/redscan/CVE-2019-19781 POC详情
26 CVE-2019-19781 bash exploit https://github.com/ynsmroztas/citrix.sh POC详情
27 Código desenvolvido para a verificação em massa da vulnerabilidade CVE-2019-19781 de hosts descobertos pelo Shodan. Pull requests são bem vindas. https://github.com/digitalgangst/massCitrix POC详情
28 Indicator of Compromise Scanner for CVE-2019-19781 https://github.com/mandiant/ioc-scanner-CVE-2019-19781 POC详情
29 Indicator of Compromise Scanner for CVE-2019-19781 https://github.com/citrix/ioc-scanner-CVE-2019-19781 POC详情
30 Citrix ADC (NetScaler) Honeypot. Supports detection for CVE-2019-19781 and login attempts https://github.com/haxrob/citrix-honeypot POC详情
31 :microscope: Jupyter notebook to help automate some of the forensic analysis related to Citrix Netscalers compromised via CVE-2019-19781 https://github.com/L4r1k/CitrixNetscalerAnalysis POC详情
32 My Citrix ADC NetScaler CVE-2019-19781 Vulnerability DFIR notes. https://github.com/Azeemering/CVE-2019-19781-DFIR-Notes POC详情
33 a script to look for CVE-2019-19781 Vulnerability within a domain and it's subdomains https://github.com/0xams/citrixvulncheck POC详情
34 Python CVE-2019-19781 exploit https://github.com/r4ulcl/CVE-2019-19781 POC详情
35 Gather a list of Citrix appliances in a country / state pair, and check if they're vulnerable to CVE-2019-19781 https://github.com/nmanzi/webcvescanner POC详情
36 None https://github.com/darren646/CVE-2019-19781POC POC详情
37 citrix adc rce https://github.com/5l1v3r1/Citrix_CVE-2019-19781 POC详情
38 This document explain Remote Code Execution Exploit for Citrix Application Delivery Controller and Citrix Gateway [CVE-2019-19781] https://github.com/Roshi99/Remote-Code-Execution-Exploit-for-Citrix-Application-Delivery-Controller-and-Citrix-Gateway-CVE-201 POC详情
39 None https://github.com/yukar1z0e/CVE-2019-19781 POC详情
40 None https://github.com/SharpHack/CVE-2019-19781 POC详情
41 修改的poc,适用于python3 https://github.com/qiong-qi/CVE-2019-19781-poc POC详情
42 Citrix Unauthorized Remote Code Execution Attacker - CVE-2019-19781 https://github.com/w4fz5uck5/CVE-2019-19781-CitrixRCE POC详情
43 Citrix ADC scanner (CVE-2019-19781) using hosts retrieved from Shodan API. https://github.com/andripwn/CVE-2019-19781 POC详情
44 Shitrix : CVE-2019-19781 - Remote Code Execution on Citrix ADC Netscaler exploit https://github.com/VladRico/CVE-2019-19781 POC详情
45 None https://github.com/pwn3z/CVE-2019-19781-Citrix POC详情
46 Citrix ADC RCE cve-2019-19781 https://github.com/Vulnmachines/Ctirix_RCE-CVE-2019-19781 POC详情
47 CVE-2019-19781 https://github.com/k-fire/CVE-2019-19781-exploit POC详情
48 None https://github.com/zerobytesecure/CVE-2019-19781 POC详情
49 None https://github.com/citrixgitoff/-ioc-scanner-CVE-2019-19781 POC详情
50 RCE, Citirx ADC and Gateway Directory Traversal https://github.com/chihyeonwon/CVE-2019-19781 POC详情
51 RCE, Citirx ADC and Gateway Directory Traversal https://github.com/mr-won/CVE-2019-19781 POC详情
52 Citrix Application Delivery Controller (ADC) and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0 are susceptible to directory traversal vulnerabilities. https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2019/CVE-2019-19781.yaml POC详情
53 None https://github.com/Threekiii/Awesome-POC/blob/master/%E7%BD%91%E7%BB%9C%E8%AE%BE%E5%A4%87%E6%BC%8F%E6%B4%9E/Citrix%20%E8%BF%9C%E7%A8%8B%E5%91%BD%E4%BB%A4%E6%89%A7%E8%A1%8C%E6%BC%8F%E6%B4%9E%20CVE-2019-19781.md POC详情
54 RCE, Citirx ADC and Gateway Directory Traversal https://github.com/user20252228/CVE-2019-19781 POC详情
55 A fast multi threaded scanner for Citrix ADC (NetScaler) CVE-2019-19781 - Citrixmash https://github.com/awesome-security/citrixmash_scanner POC详情
56 Citrix ADC (NetScaler) Honeypot. Supports detection for CVE-2019-19781 and login attempts https://github.com/EliusHHimel/citrix-honeypot POC详情
57 RCE, Citirx ADC and Gateway Directory Traversal https://github.com/tpdlshdmlrkfmcla/CVE-2019-19781 POC详情
三、漏洞 CVE-2019-19781 的情报信息
四、漏洞 CVE-2019-19781 的评论

暂无评论

发表评论