漏洞描述
Citrix旗下多款交付控制器和网关存在RCE漏洞,攻击者在无需身份验证的情况下就可执行任意命令。CitrixADC(NetScalers)中的目录穿越错误,这个错误会调用perl脚本,perl脚本用于将XML格式的文件附加到受害计算机,因此产生远程执行代码。
Citrix ADC 远程代码执行(CVE-2019-19781)
PoC代码
暂无相关漏洞推荐
-
CVE-2023-3519: Citrix ADC & Gateway RCE POC
2025-09-01 | Citrix ADC & GatewayCitrix Systems Citrix Gateway(Citrix Systems NetScaler Gateway)和Citrix ADC都是美国思杰系统(Citrix Systems)公司... -
CVE-2019-19781: Citrix ADC and Gateway - Directory Traversal POC
2025-08-01 | Citrix ADC and GatewayCitrix Application Delivery Controller (ADC) and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0 are suscep... -
CVE-2020-8191: Citrix ADC/Gateway - Cross-Site Scripting POC
2025-08-01 | Citrix ADC GatewayCitrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.... -
CVE-2019-0193: Apache Solr Remote Code Execution POC
2025-09-01 | Apache Solr2019 年 08 月 01 日,Apache Solr 官方发布预警,Apache Solr DataImport 功能 在开启 Debug 模式时,可以接收来自请求的”dataConfig”参数,... -
CVE-2019-0230: Apache Struts <=2.5.20 - Remote Code Execution S2-059 POC
2025-09-01 | Apache StrutsApache Struts 2.0.0 to 2.5.20 forced double OGNL evaluation when evaluated on raw user input in tag ...