Citrix have released an advisory regarding CVE-2019-19781 which you can read in full here: Vulnerability in Citrix Application Delivery Controller and Citrix Gateway
In short a vulnerability was identified in Citrix Application Delivery Controller (ADC) formerly known as NetScaler ADC and Citrix gateway formerly known as NetScaler Gateway. If exploited this vulnerability could allow an unauthenticated attacker to perform arbitrary code execution.
AppCheck have released a plug-in to check for the above vulnerability. Specifically, the module will look to detect a remote code execution flaw in Citrix appliances.
Arbitrary Code Execution (ACE) describes the ability to execute commands on a target. Once a hacker has successfully exploited this vulnerability they could gain access to the protected network without valid logon credentials. The attacker could issue commands, read or edit files and even priv-up to gain full control of a system.
As always, if you require any more information on this topic or want to see how AppCheck can help find vulnerabilities in your applications and infrastructure then please get in contact with us: info@appcheck-ng.com
No software to download or install.
Contact us or call us 0113 887 8380