Citrix has released a new round of security updates to resolve a critical vulnerability exposing thousands of servers to code execution attacks.
The vulnerability at the heart of the matter is CVE-2019-19781, a directory traversal security flaw that can be exploited for the purposes of arbitrary code execution. The vulnerability has been issued a CVSS score of 9.8 — in other words, it cannot be much more serious.
Different versions of Citrix Application Delivery Controller (ADC) and Citrix Gateway, as well as Citrix SD-WAN WANOP, are impacted.