| VID |
210206 |
| Severity |
40 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
WWW |
| Detailed Description |
An issue was discovered in Citrix Application Delivery Controller (ADC) and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0. They allow Directory Traversal.
* References:
http://packetstormsecurity.com/files/155904/Citrix-Application-Delivery-Controller-Gateway-Remote-Code-Execution.html
http://packetstormsecurity.com/files/155905/Citrix-Application-Delivery-Controller-Gateway-Remote-Code-Execution-Traversal.html
http://packetstormsecurity.com/files/155930/Citrix-Application-Delivery-Controller-Gateway-10.5-Remote-Code-Execution.html
http://packetstormsecurity.com/files/155947/Citrix-ADC-NetScaler-Directory-Traversal-Remote-Code-Execution.html
http://packetstormsecurity.com/files/155972/Citrix-ADC-Gateway-Path-Traversal.html
https://badpackets.net/over-25000-citrix-netscaler-endpoints-vulnerable-to-cve-2019-19781/
https://forms.gle/eDf3DXZAv96oosfj6
https://support.citrix.com/article/CTX267027
https://twitter.com/bad_packets/status/1215431625766424576
https://www.kb.cert.org/vuls/id/619785
* Platforms Affected:
Citrix Application Delivery Controller (ADC) and Gateway 10.5, 11.1, 12.0, 12.1, 13.0 before |
| Recommendation |
Upgrade Citrix Application Delivery Controller (ADC) and Gateway 10.5, 11.1, 12.0, 12.1, 13.0 later |
| Related URL |
CVE-2019-19781 (CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
