This critical vulnerability allows unauthenticated remote attackers to execute commands (RCE) on targeted Citrix Application Delivery Controller (ADC) and Citrix Gateway (also known as NetScaler Gateway) servers after chaining an arbitrary file read/write (directory traversal) flaw. Further exploitation can allow threat actors to gain a foothold inside private networks and conduct further malicious activity, such as spreading ransomware.
Bad Packets™ summary report is available here:
https://badpackets.net/over-25000-citrix-netscaler-endpoints-vulnerable-to-cve-2019-19781/The list of vulnerable Citrix ADC and NetScaler Gateway servers is freely available for authorized government CERT, CSIRT, ISAC, and law enforcement teams to review. To obtain a report of vulnerable hosts impacting your constituency, please fill out the form below.