Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2019-2023 and is owned by Tenable, Inc. or an Affiliate thereof.CITRIX_NETSCALER_CTX267027.NASL
HistoryDec 24, 2019 - 12:00 a.m.

Citrix ADC and Citrix NetScaler Gateway Arbitrary Code Execution (CTX267027)

2019-12-2400:00:00
This script is Copyright (C) 2019-2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
1384
JSON

The remote Citrix ADC or Citrix NetScaler Gateway device is affected by an arbitrary code execution vulnerability.
An unauthenticated, remote attacker may be able to leverage this vulnerability to perform arbitrary code execution on an affected host.

Please refer to advisory CTX267027 for more information.

##
# (C) Tenable Network Security, Inc.
##

include('compat.inc');

if (description)
{
  script_id(132397);
  script_version("1.17");
  script_set_attribute(attribute:"plugin_modification_date", value:"2023/01/19");

  script_cve_id("CVE-2019-19781");
  script_xref(name:"IAVA", value:"2020-A-0001-S");
  script_xref(name:"CISA-KNOWN-EXPLOITED", value:"2022/05/03");
  script_xref(name:"CISA-NCAS", value:"AA22-011A");
  script_xref(name:"CEA-ID", value:"CEA-2020-0129");
  script_xref(name:"CEA-ID", value:"CEA-2020-0122");
  script_xref(name:"CEA-ID", value:"CEA-2019-0742");

  script_name(english:"Citrix ADC and Citrix NetScaler Gateway Arbitrary Code Execution (CTX267027)");

  script_set_attribute(attribute:"synopsis", value:
"The remote device is affected by an arbitrary code execution vulnerability.");
  script_set_attribute(attribute:"description", value:
"The remote Citrix ADC or Citrix NetScaler Gateway device is affected by an arbitrary code execution vulnerability.
An unauthenticated, remote attacker may be able to leverage this vulnerability to perform arbitrary code execution on 
an affected host.

Please refer to advisory CTX267027 for more information.");
  script_set_attribute(attribute:"see_also", value:"https://support.citrix.com/article/CTX267027");
  script_set_attribute(attribute:"solution", value:
"For versions 10.5.x, 11.1.x, 12.0.x, 12.1.x and 13.0.x, upgrade to 10.5.70.12, 11.1.63.15, 12.0.63.13, 12.1.55.18 and 
13.0.47.24 respectively.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:H/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-19781");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"exploit_framework_core", value:"true");
  script_set_attribute(attribute:"exploited_by_malware", value:"true");
  script_set_attribute(attribute:"metasploit_name", value:'Citrix ADC (NetScaler) Directory Traversal RCE');
  script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
  script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
  script_set_attribute(attribute:"canvas_package", value:"CANVAS");

  script_set_attribute(attribute:"vuln_publication_date", value:"2019/12/17");
  script_set_attribute(attribute:"patch_publication_date", value:"2019/12/17");
  script_set_attribute(attribute:"plugin_publication_date", value:"2019/12/24");

  script_set_attribute(attribute:"plugin_type", value:"combined");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:citrix:netscaler_access_gateway_firmware");
  script_set_attribute(attribute:"stig_severity", value:"II");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"CGI abuses");

  script_copyright(english:"This script is Copyright (C) 2019-2023 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("citrix_netscaler_detect.nbin");
  script_require_keys("Host/NetScaler/Detected");

  exit(0);
}
include('vcf_extras_netscaler.inc');

var app_info = vcf::citrix_netscaler::get_app_info();

var constraints = [
  {'min_version': '10.5', 'fixed_version': '10.5.70.12', 'fixed_display': '10.5-70.12'},
  {'min_version': '11.1', 'fixed_version': '11.1.63.15', 'fixed_display': '11.1-63.15'},
  {'min_version': '12.0', 'fixed_version': '12.0.63.13', 'fixed_display': '12.0-63.13'},
  {'min_version': '12.1', 'fixed_version': '12.1.55.18', 'fixed_display': '12.1-55.18'},
  {'min_version': '13.0', 'fixed_version': '13.0.47.24', 'fixed_display': '13.0-47.24'}
];

vcf::citrix_netscaler::check_version_and_report(
  app_info: app_info,
  constraints: constraints,
  severity:SECURITY_HOLE
);
VendorProductVersionCPE
citrixnetscaler_access_gateway_firmwarecpe:/o:citrix:netscaler_access_gateway_firmware

Related

krebs 1
rapid7blog 2
malwarebytes 4
cisa 4
githubexploit 42
packetstorm 5
exploitpack 4
zdt 3
nessus 2
symantec 1
prion 1
ics 18
cve 1
nuclei 1
fireeye 5
thn 13
metasploit 2
ptsecurity 1
freebsd 1
citrix 1
cisa_kev 1
qualysblog 9
attackerkb 2
checkpoint_advisories 1
canvas 1
talosblog 3
impervablog 2
threatpost 24
cert 1
exploitdb 4
kitploit 2
securelist 1
mssecure 2
avleonov 2
mmpc 1
krebs
krebs
Hackers Were Inside Citrix for Five Months
2020-02-19 15:55:04
rapid7blog
rapid7blog
NICER Protocol Deep Dive: Internet Exposure of Citrix ADC/NetScaler
2020-11-04 15:24:04
Defending Against the Zero Day: Analyzing Attacker Behavior Post-Exploitation of Microsoft Exchange
2021-03-23 14:04:36
malwarebytes
malwarebytes
Healthcare security update: death by ransomware, whatā€™s next?
2020-10-08 15:30:00
Patch now! NSA, CISA, and FBI warn of Russian intelligence exploiting 5 vulnerabilities
2021-04-16 14:59:38
Atomic research institute breached via VPN vulnerability
2021-06-21 13:53:03
cisa
cisa
Citrix Releases Security Updates for SD-WAN WANOP
2020-01-23 00:00:00
CISA Releases Test for Citrix ADC and Gateway Vulnerability
2020-01-13 00:00:00
Citrix Adds SD-WAN WANOP, Updated Mitigations to CVE-2019-19781 Advisory
2020-01-17 00:00:00
githubexploit
githubexploit
Exploit for Path Traversal in Citrix Application Delivery Controller Firmware
2020-01-16 08:52:14
Exploit for Path Traversal in Citrix Application Delivery Controller Firmware
2020-01-13 07:42:27
Exploit for Path Traversal in Citrix Application Delivery Controller Firmware
2020-01-21 23:13:00
packetstorm
packetstorm
Citrix Application Delivery Controller / Gateway Remote Code Execution
2020-01-11 00:00:00
Citrix Application Delivery Controller / Gateway Remote Code Execution / Traversal
2020-01-11 00:00:00
Citrix ADC (NetScaler) Directory Traversal / Remote Code Execution
2020-01-14 00:00:00
exploitpack
exploitpack
Citrix Application Delivery Controller (ADC) and Gateway 13.0 - Path Traversal
2020-01-16 00:00:00
Citrix Application Delivery Controller and Gateway 10.5 - Remote Code Execution (Metasploit)
2020-01-13 00:00:00
Citrix Application Delivery Controller and Citrix Gateway - Remote Code Execution
2020-01-11 00:00:00
zdt
zdt
Citrix Application Delivery Controller (ADC) and Gateway 13.0 - Path Traversal Exploit
2020-01-16 00:00:00
Citrix Application Delivery Controller and Citrix Gateway - Remote Code Execution Vulnerability (1)
2020-01-11 00:00:00
Citrix Application Delivery Controller and Gateway 10.5 - Remote Code Execution Exploit
2020-01-13 00:00:00
nessus
nessus
Citrix ADC and Citrix NetScaler Gateway Arbitrary Code Execution (CTX267027) (Direct Check)
2020-01-09 00:00:00
FreeBSD : Template::Toolkit -- Directory traversal on write (2bab995f-36d4-11ea-9dad-002590acae31)
2020-01-15 00:00:00
symantec
symantec
Multiple Citrix Products CVE-2019-19781 Remote Code Execution Vulnerability
2019-12-17 00:00:00
prion
prion
Directory traversal
2019-12-27 14:15:00
ics
ics
Detecting Citrix CVE-2019-19781
2020-05-21 12:00:00
APT Groups Target Healthcare and Essential Services
2022-01-25 12:00:00
Russian Foreign Intelligence Service (SVR) Cyber Operations: Trends and Best Practices for Network Defenders
2021-04-26 12:00:00
cve
cve
CVE-2019-19781
2019-12-27 14:15:00
nuclei
nuclei
Citrix ADC and Gateway - Directory Traversal
2020-04-05 22:27:04
fireeye
fireeye
Nice Try: 501 (Ransomware) Not Implemented
2020-01-24 17:00:00
404 Exploit Not Found: Vigilante Deploying Mitigation for Citrix NetScaler Vulnerability While Maintaining Backdoor
2020-01-16 00:00:00
Putting the Model to Work: Enabling Defenders With Vulnerability Intelligence ā€” Intelligence for Vulnerability Management, Part Four
2020-04-27 12:30:00
thn
thn
PoC Exploits Released for Citrix ADC and Gateway RCE Vulnerability
2020-01-11 10:21:00
Citrix Releases Patches for Critical ADC Vulnerability Under Active Attack
2020-01-20 14:24:00
A Patient Dies After Ransomware Attack Paralyzes German Hospital Systems
2020-09-21 10:20:00
metasploit
metasploit
Citrix ADC (NetScaler) Directory Traversal Scanner
2020-01-13 22:39:05
Citrix ADC (NetScaler) Directory Traversal RCE
2021-04-16 00:13:25
ptsecurity
ptsecurity
PT-2020-01: Arbitrary code execution in Citrix ADC
2019-05-12 00:00:00
freebsd
freebsd
Template::Toolkit -- Directory traversal on write
2019-12-13 00:00:00
citrix
citrix
CVE-2019-19781 - Vulnerability in Citrix Application Delivery Controller, Citrix Gateway, and Citrix SD-WAN WANOP appliance
2019-12-17 05:00:00
cisa_kev
cisa_kev
Citrix ADC, Gateway, and SD-WAN WANOP Appliance Code Execution Vulnerability
2021-11-03 00:00:00
qualysblog
qualysblog
Citrix ADC and Gateway Remote Code Execution Vulnerability (CVE-2019-19781)
2020-01-09 00:12:26
Nefilim Ransomware
2021-05-12 15:34:00
Russia-Ukraine Crisis: How to Strengthen Your Security Posture to Protect against Cyber Attack, based on CISA Guidelines
2022-02-26 20:20:32
attackerkb
attackerkb
CVE-2019-19781
2019-11-05 00:00:00
CVE-2020-12271: Sophos XG Firewall Pre-Auth SQL Injection Vulnerability
2020-04-27 00:00:00
checkpoint_advisories
checkpoint_advisories
Citrix Multiple Products Directory Traversal (CVE-2019-19781)
2020-01-09 00:00:00
canvas
canvas
Immunity Canvas: NETSCALER_TRAVERSAL_RCE
2019-12-27 14:15:00
talosblog
talosblog
Threat Source newsletter (Jan. 30, 2020)
2020-01-30 11:00:12
New Snort rules protect against recently discovered Citrix vulnerability
2020-01-15 11:41:36
Threat Source newsletter (Jan. 16, 2019)
2020-01-23 07:27:43
impervablog
impervablog
Imperva Mitigates Exploits of Citrix Vulnerability ā€“ Right Out of the Box
2020-01-19 15:00:50
Australian Cyber Attack Vectors Blocked Out of the Box by Imperva WAF
2020-07-06 15:01:00
threatpost
threatpost
Postmortem on U.S. Census Hack Exposes Cybersecurity Failures
2021-08-19 14:35:49
RSAC 2019: Microsoft Zero-Day Allows Exploits to Sneak Past Sandboxes
2019-03-05 11:00:03
Citrix Accelerates Patch Rollout For Critical RCE Flaw
2020-01-21 17:19:28
cert
cert
Citrix Application Delivery Controller, Citrix Gateway, and Citrix SD-WAN WANOP web server vulnerability
2020-01-08 00:00:00
exploitdb
exploitdb
Citrix Application Delivery Controller and Citrix Gateway - Remote Code Execution (PoC)
2020-01-11 00:00:00
Citrix Application Delivery Controller and Gateway 10.5 - Remote Code Execution (Metasploit)
2020-01-13 00:00:00
Citrix Application Delivery Controller and Citrix Gateway - Remote Code Execution
2020-01-11 00:00:00
kitploit
kitploit
ShonyDanza - A Customizable, Easy-To-Navigate Tool For Researching, Pen Testing, And Defending With The Power Of Shodan
2021-12-01 20:30:00
ShonyDanza - A Customizable, Easy-To-Navigate Tool For Researching, Pen Testing, And Defending With The Power Of Shodan
2021-12-27 20:30:00
securelist
securelist
Incident Response Analyst Report 2019
2020-08-06 10:00:34
mssecure
mssecure
Ransomware groups continue to target healthcare, critical services; hereā€™s how to reduce risk
2020-04-28 16:00:49
Ransomware-as-a-service: Understanding the cybercrime gig economy and how to protect yourself
2022-05-09 13:00:00
avleonov
avleonov
Security News: Exchange ProxyShell, Zoom RCE, Citrix Canceled PT Acknowledgments, Cisco No Patch Router RCEs
2021-08-31 23:16:51
Joint Advisory AA22-279A and Vulristics
2022-10-21 20:10:13
mmpc
mmpc
Ransomware-as-a-service: Understanding the cybercrime gig economy and how to protect yourself
2022-05-09 13:00:00
JSON
Related for CITRIX_NETSCALER_CTX267027.NASL
krebs1rapid7blog2malwarebytes4cisa4githubexploit42packetstorm5exploitpack4zdt3nessus2symantec1prion1ics18cve1nuclei1fireeye5thn13metasploit2ptsecurity1freebsd1citrix1cisa_kev1qualysblog9attackerkb2checkpoint_advisories1canvas1talosblog3impervablog2threatpost24cert1exploitdb4kitploit2securelist1mssecure2avleonov2mmpc1