Bug Hunting: CVE-2019–19781(Remote Code Execution)

What is CVE-2019–19781?

An issue was discovered in Citrix Application Delivery Controller (ADC) and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0. They allow Directory Traversal.

As stated above all the CITRIX ADC with versions specified above are vulnerable to this attack. When I was working on a target, I was enumerating the list of IP addresses.

How to find the IP address of a target?

Using the above methods, one will be able to identify the list of IP addresses of a target application. I have initially collected IP address details and then I was planning to look for the vulnerable machine.

There is a Github link available to identify a list of vulnerable machines for CVE-2019–19781 attack.

Steps:

  1. Identify the list of IP addresses of the target application
  2. Run the vulnerability scanner from above github link and check whether the machine is vulnerable or not
vulnerable CITRIX ADC running on the target machine

To check the vulnerability using the scanner:

machine is vulnerable to RCE

As shown above, the machine was found to be vulnerable to remote code execution attacks.

  • Reported RCE on 16-Jan-2020
  • 17-Jan-2020 bug was marked as duplicate finding. No bounty:-)

If you like the content, please follow me on medium and LinkedIn

LinkedIn: https://www.linkedin.com/in/pravin-r-p-oscp-28497712b/

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store