DHS CISA released a public domain tool designed to help security staff to test if their organizations are vulnerable to ongoing attacks that might target the CVE-2019-19781 security flaw. The vulnerability makes it possible for unauthenticated attackers to perform arbitrary code execution via directory traversal if successfully exploited. Citrix will be releasing new Citrix ADC and Citrix Gateway versions to patch the vulnerability starting with January 20, 2020. Several working proof-of-concept (PoC) exploits for the vulnerability are already publicly available.
Source: https://www.bleepingcomputer.com/news/security/cisa-releases-test-tool-for-citrix-adc-cve-2019-19781-vulnerability/