严重 Citrix ADC 远程代码执行漏洞
CVE编号
CVE-2019-19781利用情况
EXP 已公开补丁情况
官方补丁披露时间
2019-12-28漏洞描述
在Citrix Application Delivery Controller(ADC)和网关10.5、11.1、12.0、12.1和13.0中发现了一个问题。它们允许目录遍历。解决建议
下载相关补丁受影响软件情况
| # | 类型 | 厂商 | 产品 | 版本 | 影响面 | ||||
| 1 | |||||||||
|---|---|---|---|---|---|---|---|---|---|
| 运行在以下环境 | |||||||||
| 系统 | citrix | application_delivery_controller_firmware | 10.5 | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | citrix | application_delivery_controller_firmware | 11.1 | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | citrix | application_delivery_controller_firmware | 12.0 | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | citrix | application_delivery_controller_firmware | 12.1 | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | citrix | application_delivery_controller_firmware | 13.0 | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | citrix | gateway_firmware | 13.0 | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | citrix | netscaler_gateway_firmware | 10.5 | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | citrix | netscaler_gateway_firmware | 11.1 | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | citrix | netscaler_gateway_firmware | 12.0 | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | citrix | netscaler_gateway_firmware | 12.1 | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | citrix | application_delivery_controller | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | citrix | gateway | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | citrix | netscaler_gateway | - | - | |||||
- 攻击路径 远程
- 攻击复杂度 容易
- 权限要求 无需权限
- 影响范围 全局影响
- EXP成熟度 EXP 已公开
- 补丁情况 官方补丁
- 数据保密性 数据泄露
- 数据完整性 传输被破坏
- 服务器危害 服务器失陷
- 全网数量 N/A
| CWE-ID | 漏洞类型 |
| CWE-22 | 对路径名的限制不恰当(路径遍历) |
Exp相关链接
- https://github.com//projectzeroindia/CVE-2019-19781
- https://github.com/0xams/citrixvulncheck
- https://github.com/5l1v3r1/Citrix_CVE-2019-19781
- https://github.com/andripwn/CVE-2019-19781
- https://github.com/aqhmal/CVE-2019-19781
- https://github.com/Azeemering/CVE-2019-19781-DFIR-Notes
- https://github.com/b510/CVE-2019-19781
- https://github.com/becrevex/Citrix_CVE-2019-19781
- https://github.com/bufsnake/CVE-2019-19781
- https://github.com/Castaldio86/Detect-CVE-2019-19781
- https://github.com/cisagov/check-cve-2019-19781
- https://github.com/citrix/ioc-scanner-CVE-2019-19781
- https://github.com/DanielWep/CVE-NetScalerFileSystemCheck
- https://github.com/darren646/CVE-2019-19781POC
- https://github.com/digitalgangst/massCitrix
- https://github.com/digitalshadows/CVE-2019-19781_IOCs
- https://github.com/DIVD-NL/Citrix-CVE-2019-19781
- https://github.com/fireeye/ioc-scanner-CVE-2019-19781
- https://github.com/hollerith/CVE-2019-19781
- https://github.com/ianxtianxt/CVE-2019-19781
- https://github.com/j81blog/ADC-19781
- https://github.com/Jabo-SCO/Shitrix-CVE-2019-19781
- https://github.com/jas502n/CVE-2019-19781
- https://github.com/Jerry-Swift/CVE-2019-19781-scanner
- https://github.com/L4r1k/CitrixNetscalerAnalysis
- https://github.com/MalwareTech/CitrixHoneypot
- https://github.com/mandiant/ioc-scanner-CVE-2019-19781
- https://github.com/mekhalleh/citrix_dir_traversal_rce
- https://github.com/mekoko/CVE-2019-19781
- https://github.com/mpgn/CVE-2019-19781
- https://github.com/nmanzi/webcvescanner
- https://github.com/onSec-fr/CVE-2019-19781-Forensic
- https://github.com/oways/CVE-2019-19781
- https://github.com/projectzeroindia/CVE-2019-19781
- https://github.com/qiong-qi/CVE-2019-19781-poc
- https://github.com/RaulCalvoLaorden/CVE-2019-19781
- https://github.com/redscan/CVE-2019-19781
- https://github.com/Roshi99/Remote-Code-Execution-Exploit-for-Citrix-Application-Delivery-Controller-and-Citrix-Gateway-CVE-201
- https://github.com/SharpHack/CVE-2019-19781
- https://github.com/trustedsec/cve-2019-19781
- https://github.com/unknowndevice64/Exploits_CVE-2019-19781
- https://github.com/VladRico/CVE-2019-19781
- https://github.com/w4fz5uck5/CVE-2019-19781-CitrixRCE
- https://github.com/x1sec/citrix-honeypot
- https://github.com/x1sec/citrixmash_scanner
- https://github.com/x1sec/CVE-2019-19781
- https://github.com/ynsmroztas/citrix.sh
- https://github.com/yukar1z0e/CVE-2019-19781
- https://github.com/zenturacp/cve-2019-19781-web
- https://github.com/zgelici/CVE-2019-19781-Checker
- https://gitlab.com/bontchev/CitrixHoneypot
- https://raw.githubusercontent.com/1N3/Sn1per/master/templates/active/CVE-2019-19781_-_Citrix_ADC_Directory_Traversal.sh
- https://raw.githubusercontent.com/jaeles-project/jaeles-signatures/master/cves/citrix-adc-path-traversal-cve-2019-19781.yaml
- https://raw.githubusercontent.com/projectdiscovery/nuclei-templates/master/cves/CVE-2019-19781.yaml
- https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/auxiliary/scanner/http/citrix_dir_traversal.rb
- https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/linux/http/citrix_dir_traversal_rce.rb
- https://www.exploit-db.com/exploits/47901
- https://www.exploit-db.com/exploits/47913
- https://www.exploit-db.com/exploits/47930
版权声明
本站原创文章转载请注明文章出处及链接,谢谢合作!
评论