An issue was discovered in Citrix Application Delivery Controller (ADC) and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0. They allow Directory Traversal.
Published: 2020-01-17
Following the release of exploit scripts for a critical flaw in Citrix Application Delivery Controller (ADC) and Gateway, attackers launch attacks against vulnerable hosts, while Citrix announces release date for patches. UPDATE 01/24/2020: This blog post has been updated to reflect the availability of patches released by Citrix.
Published: 2020-01-11
Attackers are actively probing for vulnerable Citrix Application Delivery Controller (ADC) and Gateway hosts, while multiple proof-of-concept scripts are released, emphasizing the importance of mitigating this flaw immediately.
Published: 2019-12-23
Citrix urges customers to apply mitigation steps for CVE-2019-19781, a remote code execution vulnerability exploitable through specially crafted HTTP requests to vulnerable devices.
https://www.kb.cert.org/vuls/id/619785
https://forms.gle/eDf3DXZAv96oosfj6
http://packetstormsecurity.com/files/155972/Citrix-ADC-Gateway-Path-Traversal.html
https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-241a
https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-215a
https://www.tenable.com/cyber-exposure/tenable-2022-threat-landscape-report
https://www.tenable.com/cyber-exposure/a-look-inside-the-ransomware-ecosystem
https://www.cisa.gov/news-events/cybersecurity-advisories/aa22-117a
https://www.tenable.com/cyber-exposure/2021-threat-landscape-retrospective
https://www.cisa.gov/news-events/cybersecurity-advisories/aa21-209a
https://www.cisa.gov/news-events/cybersecurity-advisories/aa20-296a
https://www.cisa.gov/news-events/cybersecurity-advisories/aa20-259a
https://www.cisa.gov/news-events/cybersecurity-advisories/aa20-133a
https://www.tenable.com/blog/from-bugs-to-breaches-25-significant-cves-as-mitre-cve-turns-25
https://www.tenable.com/blog/aa23-215a-2022s-top-routinely-exploited-vulnerabilities
https://www.tenable.com/blog/examining-the-treat-landscape
https://www.tenable.com/blog/one-year-later-what-can-we-learn-from-zerologon
https://www.tenable.com/blog/how-covid-19-response-is-expanding-the-cyberattack-surface
Published: 2019-12-27
Updated: 2025-04-03
Known Exploited Vulnerability (KEV)
Base Score: 7.5
Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P
Severity: High
Base Score: 9.8
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity: Critical
EPSS: 0.94442
Tenable Research has classified this CVE under the following Vulnerability Watch classification, which includes active and historical (inactive) classifications. You can learn more about these classifications on our blog.
Vulnerability of Concern