CVE-2019-17640

CRITICAL

Eclipse Vert.x 3.4.0-3.9.4 - Path Traversal via StaticHandler on Windows

Exploitation Summary

EIP tracks 1 public exploit for CVE-2019-17640. PoCs published by shoucheng3.

AI-analyzed exploit summary
This repository contains the source code for Vert.x Web's FreeMarker template engine, which is vulnerable to CVE-2019-17640. The code includes the implementation details of the template engine, but does not contain an explicit exploit or proof-of-concept code.

Description

In Eclipse Vert.x 3.4.x up to 3.9.4, 4.0.0.milestone1, 4.0.0.milestone2, 4.0.0.milestone3, 4.0.0.milestone4, 4.0.0.milestone5, 4.0.0.Beta1, 4.0.0.Beta2, and 4.0.0.Beta3, StaticHandler does not correctly process backslashes on Windows operating systems, allowing a request to escape the webroot folder into the current working directory.

Exploits (1)

nomisec WRITEUP
by shoucheng3 · poc
https://github.com/shoucheng3/vert-x3__vertx-web_CVE-2019-17640_3-9-3

Classification
Writeup 90%
Attack Type
Rce
Complexity
Moderate
Reliability
Theoretical
Target: Vert.x Web (FreeMarker template engine) version 3.9.3
No auth needed
Prerequisites: Access to a Vert.x Web application using the FreeMarker template engine
devstral-2 · analyzed Feb 19, 2026

Scores

CVSS v3 9.8
EPSS 0.0169
EPSS Percentile 82.7%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-22 CWE-23
Status published
Products (3)
eclipse/vert.x 4.0.0 beta1 (8 CPE variants)
eclipse/vert.x 3.4.0 - 3.9.4
io.vertx/vertx-web 3.0.0 - 3.9.4 (Maven)
Published Oct 15, 2020
Tracked Since Feb 18, 2026