module
Citrix ADC (NetScaler) Directory Traversal RCE
Disclosed | Created |
---|---|
Dec 17, 2019 | Jan 14, 2020 |
Disclosed
Dec 17, 2019
Created
Jan 14, 2020
Description
This module exploits a directory traversal in Citrix Application Delivery Controller (ADC), aka
NetScaler, and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0, to execute an arbitrary command payload.
NetScaler, and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0, to execute an arbitrary command payload.
Authors
Mikhail Klyuchnikov
Project Zero India
TrustedSec
James Brytan
James Smith
Marisa Mack
Rob Vinson
Sergey Pashevkin
Steven Laura
mekhalleh (RAMELLA Sébastien)
Project Zero India
TrustedSec
James Brytan
James Smith
Marisa Mack
Rob Vinson
Sergey Pashevkin
Steven Laura
mekhalleh (RAMELLA Sébastien)
Platform
Python,Unix
Architectures
python, cmd
References
Module Options
To display the available options, load the module within the Metasploit console and run the commands 'show options' or 'show advanced':

NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.