Citrix Application Delivery Controller (ADC) and Citrix Gateway are vulnerable to a critical path traversal flaw (CVE-2019-19781) The flaw affects all supported version of the software, including:Citrix ADC and NetScaler Gateway version 11.1 all supported builds. At the time of writing, there are over 125,400 Citrix servers publicly accessible and can be exploited overnight if not taken offline or protected using available mitigation. There’s no patch available almost 23 days after disclosure.
Source: https://thehackernews.com/2020/01/citrix-adc-gateway-exploit.html