CRITICAL🚩 CISA KEV⚡ EXPLOIT🇵🇱 Wersja polska

CVE-2019-19781

CVSS 9.8v3.1pub. 2019-12-27upd. 2025-11-07

An issue was discovered in Citrix Application Delivery Controller (ADC) and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0. They allow Directory Traversal.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Citrix Application Delivery Controller

    HW
    Citrix
    wszystkie wersje
  • Citrix Application Delivery Controller Firmware

    OS
    Citrix
    10.511.112.012.113.0
  • Citrix Gateway

    HW
    Citrix
    wszystkie wersje
  • Citrix Gateway Firmware

    OS
    Citrix
    13.0
  • Citrix Netscaler Gateway

    HW
    Citrix
    wszystkie wersje
  • Citrix Netscaler Gateway Firmware

    OS
    Citrix
    10.511.112.012.1

CISA KEV — detailsi

Vendori
Citrix
Producti
Application Delivery Controller (ADC), Gateway, and SD-WAN WANOP Appliance
Added to KEVi
November 3, 2021
Remediation deadline (US Federal)i
May 3, 2022(overdue)
Ransomwarei
Active ransomware campaigns exploit this vulnerability
Required action (CISA)i

Apply updates per vendor instructions.

CISA descriptioni

Citrix ADC, Citrix Gateway, and multiple Citrix SD-WAN WANOP appliance models contain an unspecified vulnerability that could allow an unauthenticated attacker to perform code execution.

🔴
IMMEDIATE ACTION
Actively exploited in the wild (CISA KEV). Patch immediately.
☠️WYKORZYSTYWANE W RANSOMWARECISA DEADLINE: 3 maja 2022
Tags
Path Traversal
CWE
References

Related vulnerabilities

CVE-2026-3055CRITICAL9.3⚠ KEVPL ✓ten sam produkt

Citrix NetScaler ADC/Gateway — memory overread przez SAML IDP

CVE-2025-7775CRITICAL9.2⚠ KEVPL ✓ten sam produkt

Przepełnienie pamięci w Citrix NetScaler ADC i Gateway — RCE/DoS

CVE-2025-6543CRITICAL9.2⚠ KEVPL ✓ten sam produkt

Przepełnienie pamięci w Citrix NetScaler ADC i Gateway – RCE/DoS przez VPN

CVE-2025-5777CRITICAL9.3⚠ KEVPL ✓ten sam produkt

CitrixBleed 2 — memory overread w Citrix NetScaler ADC i Gateway

CVE-2023-4966CRITICAL9.4⚠ KEVten sam produkt

Sensitive information disclosure in NetScaler ADC and NetScaler Gateway when configured as a Gateway (VPN virt...