Active exploitation of Citrix ADC and Gateway `vpns`

We have been offered advise from our Security partners Dell SecureWorks outlining that their Counter Threat Unit (CTU) researchers are monitoring reports of proof-of-concept code for a Citrix ADC and Gateway `vpns` directory traversal vulnerability (CVE-2019-19781). Unauthenticated attackers could leverage this flaw to execute arbitrary code. The research team has observed attempts to exploit this vulnerability.

Recommended actions:

Clients should review the workaround provided by Citrix and apply updates when available.


Keeping Up To Date With Us Is Easy, Sign Up To Our Newsletter Today!

Stay in touch with emPSN, so that you get the latest e-safety advice and invites to our community events.

    Our partners