Jump to content
Welcome to our new Citrix community!

CVE-2019-19781 – Verification Tool

Recommended Posts

Hi Mark,


Found these alternatives:



It also seems you can do a simple curl of the url, and you shouldn't be seeing the actual smb.conf page, but get a 403, 404, or see a Citrix page. If you get a 200, the system is (still) vulnerable). The command is:

curl https://<host>/vpn/../vpns/cfg/smb.conf --path-as-is --insecure

On some systems, it'll be slightly different:

curl https://<host>/vpn/../vpns/cfg/smb.conf -path-as-is -insecure





Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Create New...