Skip to Main Content

CVE-2019-19781

This tool exploits a directory traversal bug within Citrix ADC (NetScalers) which calls a perl script that is used to append files in an XML format to the victim machine. This in turn allows for remote code execution.

CVE-2019-19781

This tool exploits a directory traversal bug within Citrix ADC (NetScalers) which calls a perl script that is used to append files in an XML format to the victim machine. This in turn allows for remote code execution.

Be sure to cleanup these two file locations:
/var/tmp/netscaler/portal/templates/
/netscaler/portal/templates/

Note that DNS hostnames and IP addresses are supported in victimaddress and attackerip_listener fields.

This was only uploaded due to other researchers publishing their code first. We would have hoped to have had this hidden for awhile longer while defenders had appropriate time to patch their systems.

We are all for responsible disclosure, in this case – the cat was already out of the bag.

Exploits: CVE-2019-19781

How to Get CVE-2019-19781

Option 1
To download CVE-2019-19781, type the following command in Linux:

git clone https://github.com/trustedsec/cve-2019-19781

Option 2
View on Git.

How to Get Help with CVE-2019-19781
For bug reports or enhancements, please open an issue on this projects GitHub page.