CVE-2019-17199
published 2019-10-05


Priority: P2 (60, high)
CVSS 3.1 base score: 7.5
CVSS 3.1 vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Exploit: public exploit referenced
EPSS: 9.96% (95.0th percentile)
www/getfile.php in WPO WebPageTest 19.04 on Windows allows Directory Traversal (for reading arbitrary files) because of an unanchored regular expression, as demonstrated by the a.jpg\.. substring.

Affected (1 range)

Vendor: webpagetest
Product: webpagetest
Version range: (none listed)
Fixed in: (none listed)

Detection & IOCs (extracted from sources)

path: www/getfile.php
other: a.jpg\..
  • Monitor HTTP requests to www/getfile.php whose 'file' parameter contains path traversal sequences such as 'a.jpg\..'; these bypass the unanchored regular expression filter and allow arbitrary files outside the www directory to be read.
  • The vulnerable parameter is 'file' in the getfile.php script (also referenced as gettext.php); inspect requests in which this parameter contains directory traversal patterns to detect exploitation attempts.
  • The directory traversal is Windows-specific: the unanchored regex bypass using 'a.jpg\..' relies on Windows path handling and may not be exploitable on non-Windows deployments.

CVSS provenance

NVD (v3.1): 7.5 HIGH, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
NVD (v2.0): 5.0 MEDIUM, AV:N/AC:L/Au:N/C:P/I:N/A:N
OSV: 5.3 MEDIUM