CVE

CVE-2019-19781

2field notes · 0digests

Field notes

Analysis · May 20, 2026 · operations-desk
Shitrix: the Citrix bug that taught everyone how fast a perimeter RCE goes from PoC to pandemic
CVE-2019-19781, 'Shitrix,' was a path-traversal RCE in Citrix NetScaler. After disclosure with no patch, a public exploit dropped and mass exploitation followed within days. It set the template for the NetScaler-as-target story that CitrixBleed later continued.
Analysis · May 20, 2026 · operations-desk
Palo Alto GlobalProtect CVE-2019-1579: another VPN gateway, another pre-auth RCE
CVE-2019-1579 was a pre-authentication remote code execution in Palo Alto's GlobalProtect SSL-VPN. It's one more entry in the longest-running story in this catalog: the SSL-VPN gateway as a perennial, pre-auth-RCE-prone perimeter target.