CVE-2019-14277

CRITICAL

Axway SecureTransport <5.3-5.5 - Unauthenticated XXE

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2019-14277. PoCs published by Dominik Penner.

AI-analyzed exploit summary This exploit demonstrates an unauthenticated blind XML injection (XXE) vulnerability in Axway SecureTransport 5.x via the resetPassword REST API endpoint. It includes proof-of-concept requests for breaking the parser, verifying the vulnerability, and attempting external entity injection, including DTD repurposing techniques.

Description

Axway SecureTransport 5.x through 5.3 (or 5.x through 5.5 with certain API configuration) is vulnerable to unauthenticated blind XML injection (and XXE) in the resetPassword functionality via the REST API. This vulnerability can lead to local file disclosure, DoS, or URI invocation attacks (i.e., SSRF with resultant remote code execution). NOTE: The vendor disputes this issues as not being a vulnerability because “All attacks that use external entities are blocked (no external DTD or file inclusions, no SSRF). The impact on confidentiality, integrity and availability is not proved on any version.

Exploits (1)

exploitdb WORKING POC

by Dominik Penner · textwebappslinux

https://www.exploit-db.com/exploits/47150

View Code ZIP pw:eip

This exploit demonstrates an unauthenticated blind XML injection (XXE) vulnerability in Axway SecureTransport 5.x via the resetPassword REST API endpoint. It includes proof-of-concept requests for breaking the parser, verifying the vulnerability, and attempting external entity injection, including DTD repurposing techniques.

Classification

Working Poc 95%

Attack Type

Info Leak | Ssrf

Complexity

Moderate

Reliability

Reliable

Target: Axway SecureTransport 5.x

No auth needed

Prerequisites: Access to the target's REST API endpoint · Network connectivity to the target server

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1204.001 - Malicious Link

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5

Core References

Exploit, Third Party Advisory, VDB Entry x_refsource_misc

https://www.exploit-db.com/exploits/47150

Exploit, Third Party Advisory x_refsource_misc

https://gist.githubusercontent.com/zeropwn/59f17727dfaba239b0ace6f33b752974/raw/9b6541a94ac5ec181a88e6c84cb3e3001025b8fd/Axway%2520SecureTransport%25205.x%2520Unauthenticated%2520XXE

Exploit, Third Party Advisory, URL Repurposed x_refsource_misc

https://zero.lol/2019-07-21-axway-securetransport-xml-injection/

Vendor Advisory x_refsource_confirm

https://community.axway.com/s/article/SecureTransport-Security-Notice-re-CVE-2019-14277-Unauthenticated-XML-Injection-and-XXE

Vendor Advisory x_refsource_confirm

https://community.axway.com/s/article/SecureTransport-Security-Notice

Scores

CVSS v3 9.8

EPSS 0.0733

EPSS Percentile 93.6%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-91

Status published

Products (5)

axway/securetransport 5.2.1

axway/securetransport 5.3.0

axway/securetransport 5.3.1

axway/securetransport 5.3.3

axway/securetransport 5.3.6

Published Jul 26, 2019

Tracked Since Feb 18, 2026