module
Citrix ADC (NetScaler) Directory Traversal Scanner
| Disclosed |
|---|
| Dec 17, 2019 |
Disclosed
Dec 17, 2019
Description
This module exploits a directory traversal vulnerability (CVE-2019-19781) within Citrix ADC
(NetScaler). It requests the smb.conf file located in the /vpns/cfg directory by issuing the request
/vpn/../vpns/cfg/smb.conf. It then checks if the server is vulnerable by looking for the presence of
a "[global]" directive in smb.conf, which this file should always contain.
(NetScaler). It requests the smb.conf file located in the /vpns/cfg directory by issuing the request
/vpn/../vpns/cfg/smb.conf. It then checks if the server is vulnerable by looking for the presence of
a "[global]" directive in smb.conf, which this file should always contain.
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.