CVE-2019-14422

HIGH

TortoiseSVN 1.12.1 - Remote Code Execution via Tsvncmd URI Handler


Exploitation Summary

EIP tracks 1 public exploit for CVE-2019-14422. PoCs published by Vulnerability-Lab.

AI-analyzed exploit summary: The exploit leverages the TortoiseSVN URI handler (tsvncmd:) to execute a custom diff operation on Excel workbooks, bypassing macro security warnings. By crafting a malicious URL, an attacker can force the victim to open remote workbooks containing macro viruses, leading to arbitrary code execution.

Description

An issue was discovered in TortoiseSVN 1.12.1. The Tsvncmd: URI handler allows a customised diff operation on Excel workbooks, which could be used to open remote workbooks without protection from macro security settings to execute arbitrary code. A tsvncmd:command:diff?path:[file1]?path2:[file2] URI will execute a customised diff on [file1] and [file2] based on the file extension. For xls files, it will execute the script diff-xls.js using wscript, which will open the two files for analysis without any macro security warning. An attacker can exploit this by putting a macro virus on a network drive and forcing the victim to open the workbooks and execute the macro inside.

Exploits (1)

exploitdb WORKING POC
by Vulnerability-Lab · text · webapps · windows
https://www.exploit-db.com/exploits/47252

Classification: Working PoC 90%
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: TortoiseSVN v1.12.1
No auth needed
Prerequisites: Victim must click a crafted URL or open a .url file · Remote network drive controlled by attacker
devstral-2 · analyzed Feb 16, 2026

References (2)

Core References
Exploit, Third Party Advisory x_refsource_misc
https://www.vulnerability-lab.com/get_content.php?id=2188
Exploit, Mailing List, Third Party Advisory mailing-list x_refsource_fulldisc
http://seclists.org/fulldisclosure/2019/Aug/7

Scores

CVSS v3 8.8
EPSS 0.1639
EPSS Percentile 96.6%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

Status published
Products (1)
tortoisesvn/tortoisesvn 1.12.1
Published Aug 15, 2019
Tracked Since Feb 18, 2026