CVE-2019-14751

HIGH

nltk < 3.4.5 - Arbitrary File Write via Directory Traversal in Package Extraction

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2019-14751. PoCs published by mssalvatore.

AI-analyzed exploit summary: This repository provides a detailed technical description and reproduction steps for CVE-2019-14751, a directory traversal vulnerability in NLTK Downloader. It explains how attackers can write arbitrary files via a ../ in a ZIP archive during extraction.

Description

NLTK Downloader before 3.4.5 is vulnerable to a directory traversal, allowing attackers to write arbitrary files via a ../ (dot dot slash) in an NLTK package (ZIP archive) that is mishandled during extraction.

Exploits (1)

nomisec WRITEUP 4 stars
by mssalvatore · poc
https://github.com/mssalvatore/CVE-2019-14751_PoC


Classification: Writeup 90%
Attack Type: Other
Complexity: Trivial
Reliability: Reliable
Target: NLTK Downloader before version 3.5
No auth needed
Prerequisites: Access to a web server to host malicious files · Victim interaction to trigger the download
devstral-2 · analyzed Feb 18, 2026

Scores

CVSS v3 7.5
EPSS 0.0316
EPSS Percentile 87.3%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Details

CWE CWE-22
Status published
Products (2)
nltk/nltk < 3.4.5
pypi/nltk 0 - 3.4.5 (PyPI)
Published Aug 22, 2019
Tracked Since Feb 18, 2026