CVE-2019-17199

HIGH

WPO WebPageTest 19.04 - Path Traversal via Unanchored Regular Expression

Exploitation Summary

EIP tracks 1 public exploit for CVE-2019-17199. PoCs published by dun, sinn3r, including Metasploit module auxiliary/scanner/http/webpagetest_traversal.

AI-analyzed exploit summary: This Metasploit module exploits a directory traversal vulnerability in WebPageTest via the 'gettext.php' script's 'file' parameter, allowing arbitrary file reads outside the web directory. It sends a crafted HTTP request with traversal sequences to retrieve the specified file.

Description

www/getfile.php in WPO WebPageTest 19.04 on Windows allows Directory Traversal (for reading arbitrary files) because of an unanchored regular expression, as demonstrated by the a.jpg\.. substring.

Exploits (1)

metasploit (working PoC)
by dun, sinn3r · ruby · poc
https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/http/webpagetest_traversal.rb

Classification: Working PoC (95%)
Attack Type: Info Leak
Complexity: Trivial
Reliability: Reliable
Target: WebPageTest (version not specified)
No auth needed
Prerequisites: Network access to the target WebPageTest instance
devstral-2 · analyzed Feb 16, 2026

References (1)

Core References
Exploit, Patch, Third Party Advisory (x_refsource_misc)
https://github.com/WPO-Foundation/webpagetest/pull/1299

Scores

CVSS v3: 7.5
EPSS: 0.0996
EPSS Percentile: 95.0%
Attack Vector: NETWORK
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CWE: CWE-22
Status: published
Products (1): webpagetest/webpagetest 19.04
Published: Oct 05, 2019
Tracked Since: Feb 18, 2026