A vulnerability (CVE-2019-19781) with a severity score of 9.8 has been identified in Citrix Application Delivery Controller, Citrix Gateway, and Citrix SD-WAN WANOP appliance.
This vulnerability affects the following supported product versions on all supported platforms:
• Citrix ADC and Citrix Gateway version 13.0 all supported builds before 126.96.36.199
• NetScaler ADC and NetScaler Gateway version 12.1
• NetScaler ADC and NetScaler Gateway version 12.0
• NetScaler ADC and NetScaler Gateway version 11.1
• NetScaler ADC and NetScaler Gateway version 10.5
• Citrix SD-WAN WANOP appliance models 4000-WO, 4100-WO, 5000-WO, and 5100-WO
The vulnerability (CVE-2019-19781) can allow an unauthenticated remote attacker to perform an arbitrary code execution.
If exploited this vulnerability that could effectively allow an attacker to run a command on your system, download and/or install malware, and read or modify files on the system.
Citrix has released updates for this vulnerability and strongly urges affected customers to immediately upgrade.