CVE-2019-19781
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2019-19781
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
An issue was discovered in Citrix Application Delivery Controller (ADC) and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0. They allow Directory Traversal.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Citrix Application Delivery Controller和Citrix Systems Gateway 路径遍历漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Citrix Systems NetScaler Gateway(Citrix Systems Gateway)和Citrix Application Delivery Controller(ADC)都是美国思杰系统(Citrix Systems)公司的产品。Citrix Systems NetScaler Gateway是一套安全的远程接入解决方案。该方案可为管理员提供应用级和数据级管控功能,以实现用户从任何地点远程访问应用和数据。Citrix Application Delivery Controll
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Shenlong Deep Dive — AI Deep Analysis
10-question deep dive: root cause, exploitation, mitigation, urgency. Read summary free, full version requires login.
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2019-19781
| # | POC Description | Source Link | Shenlong Link |
|---|---|---|---|
| 1 | Remote Code Execution Exploit for Citrix Application Delivery Controller and Citrix Gateway [ CVE-2019-19781 ] | https://github.com/projectzeroindia/CVE-2019-19781 | POC Details |
| 2 | This is a tool published for the Citrix ADC (NetScaler) vulnerability. We are only disclosing this due to others publishing the exploit code first. | https://github.com/trustedsec/cve-2019-19781 | POC Details |
| 3 | Test a host for susceptibility to CVE-2019-19781 | https://github.com/cisagov/check-cve-2019-19781 | POC Details |
| 4 | Citrix ADC Remote Code Execution | https://github.com/jas502n/CVE-2019-19781 | POC Details |
| 5 | Remote Code Execution Exploit for Citrix Application Delivery Controller and Citrix Gateway [ CVE-2019-19781 ] | https://github.com/ianxtianxt/CVE-2019-19781 | POC Details |
| 6 | CVE-2019-19781 - Remote Code Execution on Citrix ADC Netscaler exploit | https://github.com/mpgn/CVE-2019-19781 | POC Details |
| 7 | CVE-2019-19781 Citrix RCE | https://github.com/oways/CVE-2019-19781 | POC Details |
| 8 | Took at stab at an NSE discovery script for CVE-2019-19781. | https://github.com/becrevex/Citrix_CVE-2019-19781 | POC Details |
| 9 | All Working Exploits | https://github.com/unknowndevice64/Exploits_CVE-2019-19781 | POC Details |
| 10 | A fast multi threaded scanner for Citrix ADC (NetScaler) CVE-2019-19781 - Citrixmash / Shitrix | https://github.com/haxrob/citrixmash_scanner | POC Details |
| 11 | My working exploit script for Shitrix (CVE-2019-19781) | https://github.com/jamesjguthrie/Shitrix-CVE-2019-19781 | POC Details |
| 12 | DFIR notes for Citrix ADC (NetScaler) appliances vulnerable to CVE-2019-19781 | https://github.com/haxrob/CVE-2019-19781 | POC Details |
| 13 | Citrix Netscaler RCE | https://github.com/hollerith/CVE-2019-19781 | POC Details |
| 14 | Automated script for Citrix ADC scanner (CVE-2019-19781) using hosts retrieved from Shodan API. You must have a Shodan account to use this script. | https://github.com/aqhmal/CVE-2019-19781 | POC Details |
| 15 | Detect and log CVE-2019-19781 scan and exploitation attempts. | https://github.com/MalwareTech/CitrixHoneypot | POC Details |
| 16 | The exploitation module for the CVE-2019-19781 #Shitrix (Vulnerability in Citrix Application Delivery Controller and Citrix Gateway). | https://github.com/mekhalleh/citrix_dir_traversal_rce | POC Details |
| 17 | None | https://github.com/zenturacp/cve-2019-19781-web | POC Details |
| 18 | Check your website for CVE-2019-19781 Vulnerable | https://github.com/zgelici/CVE-2019-19781-Checker | POC Details |
| 19 | IOCs for CVE-2019-19781 | https://github.com/digitalshadows/CVE-2019-19781_IOCs | POC Details |
| 20 | Automated forensic script hunting for cve-2019-19781 | https://github.com/onSec-fr/CVE-2019-19781-Forensic | POC Details |
| 21 | This script checks the Citrix Netscaler if it has been compromised by CVE-2019-19781 attacks and collects all file system information | https://github.com/DanielWep/CVE-NetScalerFileSystemCheck | POC Details |
| 22 | None | https://github.com/Castaldio86/Detect-CVE-2019-19781 | POC Details |
| 23 | Check ADC for CVE-2019-19781 | https://github.com/j81blog/ADC-19781 | POC Details |
| 24 | 批量概念驗證用 | https://github.com/b510/CVE-2019-19781 | POC Details |
| 25 | CVE-2019-19781 Attack Triage Script | https://github.com/redscan/CVE-2019-19781 | POC Details |
| 26 | CVE-2019-19781 bash exploit | https://github.com/ynsmroztas/citrix.sh | POC Details |
| 27 | Código desenvolvido para a verificação em massa da vulnerabilidade CVE-2019-19781 de hosts descobertos pelo Shodan. Pull requests são bem vindas. | https://github.com/digitalgangst/massCitrix | POC Details |
| 28 | Indicator of Compromise Scanner for CVE-2019-19781 | https://github.com/mandiant/ioc-scanner-CVE-2019-19781 | POC Details |
| 29 | Indicator of Compromise Scanner for CVE-2019-19781 | https://github.com/citrix/ioc-scanner-CVE-2019-19781 | POC Details |
| 30 | Citrix ADC (NetScaler) Honeypot. Supports detection for CVE-2019-19781 and login attempts | https://github.com/haxrob/citrix-honeypot | POC Details |
| 31 | :microscope: Jupyter notebook to help automate some of the forensic analysis related to Citrix Netscalers compromised via CVE-2019-19781 | https://github.com/L4r1k/CitrixNetscalerAnalysis | POC Details |
| 32 | My Citrix ADC NetScaler CVE-2019-19781 Vulnerability DFIR notes. | https://github.com/Azeemering/CVE-2019-19781-DFIR-Notes | POC Details |
| 33 | a script to look for CVE-2019-19781 Vulnerability within a domain and it's subdomains | https://github.com/0xams/citrixvulncheck | POC Details |
| 34 | Python CVE-2019-19781 exploit | https://github.com/r4ulcl/CVE-2019-19781 | POC Details |
| 35 | Gather a list of Citrix appliances in a country / state pair, and check if they're vulnerable to CVE-2019-19781 | https://github.com/nmanzi/webcvescanner | POC Details |
| 36 | None | https://github.com/darren646/CVE-2019-19781POC | POC Details |
| 37 | citrix adc rce | https://github.com/5l1v3r1/Citrix_CVE-2019-19781 | POC Details |
| 38 | This document explain Remote Code Execution Exploit for Citrix Application Delivery Controller and Citrix Gateway [CVE-2019-19781] | https://github.com/Roshi99/Remote-Code-Execution-Exploit-for-Citrix-Application-Delivery-Controller-and-Citrix-Gateway-CVE-201 | POC Details |
| 39 | None | https://github.com/yukar1z0e/CVE-2019-19781 | POC Details |
| 40 | None | https://github.com/SharpHack/CVE-2019-19781 | POC Details |
| 41 | 修改的poc,适用于python3 | https://github.com/qiong-qi/CVE-2019-19781-poc | POC Details |
| 42 | Citrix Unauthorized Remote Code Execution Attacker - CVE-2019-19781 | https://github.com/w4fz5uck5/CVE-2019-19781-CitrixRCE | POC Details |
| 43 | Citrix ADC scanner (CVE-2019-19781) using hosts retrieved from Shodan API. | https://github.com/andripwn/CVE-2019-19781 | POC Details |
| 44 | Shitrix : CVE-2019-19781 - Remote Code Execution on Citrix ADC Netscaler exploit | https://github.com/VladRico/CVE-2019-19781 | POC Details |
| 45 | None | https://github.com/pwn3z/CVE-2019-19781-Citrix | POC Details |
| 46 | Citrix ADC RCE cve-2019-19781 | https://github.com/Vulnmachines/Ctirix_RCE-CVE-2019-19781 | POC Details |
| 47 | CVE-2019-19781 | https://github.com/k-fire/CVE-2019-19781-exploit | POC Details |
| 48 | None | https://github.com/zerobytesecure/CVE-2019-19781 | POC Details |
| 49 | None | https://github.com/citrixgitoff/-ioc-scanner-CVE-2019-19781 | POC Details |
| 50 | RCE, Citirx ADC and Gateway Directory Traversal | https://github.com/chihyeonwon/CVE-2019-19781 | POC Details |
| 51 | RCE, Citirx ADC and Gateway Directory Traversal | https://github.com/mr-won/CVE-2019-19781 | POC Details |
| 52 | Citrix Application Delivery Controller (ADC) and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0 are susceptible to directory traversal vulnerabilities. | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2019/CVE-2019-19781.yaml | POC Details |
| 53 | None | https://github.com/Threekiii/Awesome-POC/blob/master/%E7%BD%91%E7%BB%9C%E8%AE%BE%E5%A4%87%E6%BC%8F%E6%B4%9E/Citrix%20%E8%BF%9C%E7%A8%8B%E5%91%BD%E4%BB%A4%E6%89%A7%E8%A1%8C%E6%BC%8F%E6%B4%9E%20CVE-2019-19781.md | POC Details |
| 54 | RCE, Citirx ADC and Gateway Directory Traversal | https://github.com/user20252228/CVE-2019-19781 | POC Details |
| 55 | A fast multi threaded scanner for Citrix ADC (NetScaler) CVE-2019-19781 - Citrixmash | https://github.com/awesome-security/citrixmash_scanner | POC Details |
| 56 | Citrix ADC (NetScaler) Honeypot. Supports detection for CVE-2019-19781 and login attempts | https://github.com/EliusHHimel/citrix-honeypot | POC Details |
| 57 | RCE, Citirx ADC and Gateway Directory Traversal | https://github.com/tpdlshdmlrkfmcla/CVE-2019-19781 | POC Details |
| 58 | None | https://github.com/autocode07/cisagov__check-cve-2019-19781.4142e02b | POC Details |
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2019-19781
请登录查看更多情报信息。
- https://support.citrix.com/article/CTX267027x_refsource_CONFIRM
- https://twitter.com/bad_packets/status/1215431625766424576x_refsource_MISC
- https://forms.gle/eDf3DXZAv96oosfj6x_refsource_MISC
- https://nvd.nist.gov/vuln/detail/CVE-2019-19781
Same Patch Batch · n/a · 2019-12-27 · 66 CVEs total
| CVE-2016-1000028 | Tenable Network Security Nessus 跨站脚本漏洞 | |
| CVE-2019-20013 | GNU LibreDWG 资源管理错误漏洞 | |
| CVE-2019-20012 | GNU LibreDWG 资源管理错误漏洞 | |
| CVE-2019-20011 | GNU LibreDWG 缓冲区错误漏洞 | |
| CVE-2019-20043 | WordPress 安全漏洞 | |
| CVE-2019-20042 | WordPress 跨站脚本漏洞 | |
| CVE-2019-20041 | WordPress 输入验证错误漏洞 | |
| CVE-2014-4523 | WordPress Easy Career Openings 跨站脚本漏洞 | |
| CVE-2014-4525 | WordPress Ebay Feeds 跨站脚本漏洞 | |
| CVE-2014-4559 | WordPress Swipe Checkout for WP e-Commerce 跨站脚本漏洞 | |
| CVE-2019-20016 | libmysofa 缓冲区错误漏洞 | |
| CVE-2016-1000029 | Tenable Network Security Nessus 跨站脚本漏洞 | |
| CVE-2019-16896 | K7 Computing Ultimate Security 后置链接漏洞 | |
| CVE-2013-4691 | Sencha Labs Connect 跨站脚本漏洞 | |
| CVE-2013-4664 | SPBAS Business Automation Software 跨站脚本漏洞 | |
| CVE-2013-4665 | SPBAS Business Automation Software 跨站请求伪造漏洞 | |
| CVE-2013-4693 | WordPress Xorbin Digital Flash Clock 跨站脚本漏洞 | |
| CVE-2013-4695 | Winamp 安全漏洞 | |
| CVE-2013-4692 | Xorbin Analog Flash Clock 跨站脚本漏洞 | |
| CVE-2013-4763 | Samsung Galaxy S3和Samsung Galaxy S4 安全漏洞 |
Showing top 20 of 66 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-8276
bettercap MySQL Server mysql_server.go integer coercion - CVE-2026-8275
bettercap zerogod IPP Service zerogod_ipp_primitives.go ippR - CVE-2026-8270
Open5GS SMF ogs_nas_parse_qos_rules denial of service - CVE-2026-8269
Open5GS SMF smf_nsmf_handle_create_sm_context denial of serv - CVE-2026-8268
Open5GS SMF OpenAPI_list_create denial of service
V. Comments for CVE-2019-19781
No comments yet