What is CVE-2019–19781?
An issue was discovered in Citrix Application Delivery Controller (ADC) and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0. They allow Directory Traversal.
As stated above all the CITRIX ADC with versions specified above are vulnerable to this attack. When I was working on a target, I was enumerating the list of IP addresses.
How to find the IP address of a target?
Using the above methods, one will be able to identify the list of IP addresses of a target application. I have initially collected IP address details and then I was planning to look for the vulnerable machine.
There is a Github link available to identify a list of vulnerable machines for CVE-2019–19781 attack.
Steps:
- Identify the list of IP addresses of the target application
- Run the vulnerability scanner from above github link and check whether the machine is vulnerable or not
To check the vulnerability using the scanner:
As shown above, the machine was found to be vulnerable to remote code execution attacks.
- Reported RCE on 16-Jan-2020
- 17-Jan-2020 bug was marked as duplicate finding. No bounty:-)
If you like the content, please follow me on medium and LinkedIn
LinkedIn: https://www.linkedin.com/in/pravin-r-p-oscp-28497712b/