7.5
CVSSv2

CVE-2019-19781

Published: 27/12/2019 Updated: 08/01/2020
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

A vulnerability has been found in Citrix Application Delivery Controller (ADC) formerly known as NetScaler ADC and Citrix Gateway formerly known as NetScaler Gateway. This vulnerability allows unauthenticated remote attackers to perform directory traversal and remote code execution. Affected versions are 10.5, 11.1, 12.0, 12.1, and 13.0.

Vulnerability Trend

Affected Products

Vendor Product Versions
CitrixApplication Delivery Controller Firmware10.5, 11.1, 12.0, 12.1, 13.0
CitrixGateway Firmware13.0
CitrixNetscaler Gateway Firmware10.5, 11.1, 12.0, 12.1

Vendor Advisories

A vulnerability  has been identified in Citrix Application Delivery Controller (ADC) formerly known as NetScaler ADC and Citrix Gateway formerly known as NetScaler Gateway that, if exploited, could allow an unauthenticated attacker to perform arbitrary code execution The vulnerability has been assigned the following CVE number: ...
A vulnerability  has been identified in Citrix Application Delivery Controller (ADC) formerly known as NetScaler ADC and Citrix Gateway formerly known as NetScaler Gateway that, if exploited, could allow an unauthenticated attacker to perform arbitrary code execution The vulnerability has been assigned the following CVE number: ...

Recent Articles

If you haven't shored up that Citrix hole, you were probably hacked over the weekend: Exploit code now available
The Register • Shaun Nichols in San Francisco • 13 Jan 2020

Plus: TikTok clocked, Honey in a sticky situation, Arm's PAN mechanisms sidestepped

Roundup Welcome to another Register security roundup. Here are a few stories that caught our eye.
Late last month Citrix disclosed a critical security hole (CVE-2019-19781) in both its Application Delivery Controller and Unified Gateway (formerly known as Netscaler ADC and Netscaler Gateway) offerings. Up to 80,000 systems were thought to be at risk, with some 25,000 instances found online over the weekend.
Those admins who haven't put mitigations in place by now will want to make su...

Citrix ADC CVE-2019-19781 Exploits Released, Fix Now!
BleepingComputer • Lawrence Abrams • 11 Jan 2020

Numerous working exploits for the Citrix ADC (NetScaler) CVE-2019-19781 vulnerability are finally here and have been publicly posted in numerous locations. There is no patch available for this vulnerability, but Citrix has provided mitigations, which should be applied now!
If successfully exploited, this vulnerability allows unauthenticated users to utilize directory traversal to perform arbitrary code execution.
Since late December, we have been reporting and security professionals...

The Week in Ransomware - January 10th 2020 - Now Data Breaches
BleepingComputer • Lawrence Abrams • 11 Jan 2020

This week we have seen new ransomware operators targeting businesses, stolen data published, and the Sodinokibi Ransomware being confirmed as behind the Travelex cyber attack.
Ransomware operators targeting the enterprise and stealing data before encrypting computers is the new normal and businesses need to start changing how they react to these types of attacks.
Instead of hiding ransomware attacks, victims will need to be transparent, treat the attacks like data breaches, file g...

Attackers Are Scanning for Vulnerable Citrix Servers, Secure Now
BleepingComputer • Sergiu Gatlan • 08 Jan 2020

Security researchers have observed ongoing scans for Citrix Application Delivery Controller (NetScaler ADC) and Citrix Gateway (NetScaler Gateway) servers vulnerable to attacks exploiting CVE-2019-19781 during the last week.
This vulnerability impacts multiple Citrix products and it could potentially expose the networks of over 80,000 firms to hacking attacks according to a Positive Technologies report from December.
As the security outfit said at the time, "at least 80,000 com...

Critical Citrix Bug Puts 80,000 Corporate LANs at Risk
Threatpost • Tara Seals • 26 Dec 2019

Digital workspace and enterprise networks vendor Citrix has announced a critical vulnerability in the Citrix Application Delivery Controller (ADC) and Citrix Gateway. If exploited, it could allow unauthenticated attackers to gain remote access to a company’s local network and carry out arbitrary code execution.
The Citrix products (formerly the NetScaler ADC and Gateway) are used for application-aware traffic management and secure remote access, respectively, and are installed in at leas...

Patch now: Published Citrix applications leave networks of 'potentially 80,000' firms at risk from attackers
The Register • Tim Anderson • 23 Dec 2019

Unauthorised users able to perform 'arbitrary code execution'

A critical vulnerability found in Citrix Application Delivery Controller and Citrix Gateway (formerly known as Netscaler ADC and Netscaler Gateway) means businesses with apps published using these technologies may be exposing their internal network to unauthorised access.
Citrix (NetScaler) ADC is a load balancer and monitoring tech, while Unified Gateway provides remote access to internal applications. This can include desktop applications as well as intranet or web applications. "Any app...

Critical Citrix Flaw May Expose Thousands of Firms to Attacks
BleepingComputer • Sergiu Gatlan • 23 Dec 2019

A newly discovered vulnerability impacting the Citrix Application Delivery Controller (NetScaler ADC) and the Citrix Gateway (NetScaler Gateway) could potentially expose the networks of over 80,000 firms to hacking attacks.
The vulnerability, currently tracked as CVE-2019-19781, could allow remote attackers with access to a company's internal network without requiring authentication. 
If successfully exploited, it leads to arbitrary code execution according to Positive Technologi...