Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2019-19781 PoC — Citrix Application Delivery Controller和Citrix Systems Gateway 路径遍历漏洞

Source
https://github.com/redscan/CVE-2019-19781
Associated Vulnerability
Title:Citrix Application Delivery Controller和Citrix Systems Gateway 路径遍历漏洞 (CVE-2019-19781)
Description:An issue was discovered in Citrix Application Delivery Controller (ADC) and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0. They allow Directory Traversal.
Description
CVE-2019-19781 Attack Triage Script
Readme
# CVE-2019-19781
CVE-2019-19781 Attack Triage Script

The script can be run on your affected Citrix ADC devices to assist in determining if a compromise has occured. It will quicky capture any associated commands or files that were used as part of the attack (unless cleanup has occured):

$ ./CVE-2019-19781-Triage.sh

Disclaimer: Best efforts were made to test the script provided, however Redscan can not be held responsible for any impact caused to the appliance the script is ran on.

# Credits
Parts of this script were put together using content from posts authored by:

@x1sec
darkQuassar
@mpgn_x64
@ItsReallyNick
@msandbu
File Snapshot

 [4.0K]  /data/pocs/f3df3c3e81712969d46e7c82d73069cf6a2d6a8a
├── [2.1K]  CVE-2019-19781-Triage.sh
└── [ 632]  README.md

0 directories, 2 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →