CVE-2020-15929

CRITICAL

Ortus TestBox 2.4.0-4.1.0 - Remote Code Execution via HTMLRunner.cfm Query Parameters

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2020-15929. PoCs published by Darren King.

AI-analyzed exploit summary This exploit demonstrates an arbitrary file write vulnerability in TestBox CFML Test Framework, allowing remote code execution by injecting CFML tags into a properties file. The vulnerability arises from unvalidated user input in the 'labels' parameter, which is written to a CFM file and executed by the server.

Description

In Ortus TestBox 2.4.0 through 4.1.0, unvalidated query string parameters passed to system/runners/HTMLRunner.cfm allow an attacker to write an arbitrary CFM file (within the application's context) containing attacker-defined CFML tags, leading to Remote Code Execution.

Exploits (1)

exploitdb WORKING POC
by Darren King · textwebappsmultiple
https://www.exploit-db.com/exploits/49077

This exploit demonstrates an arbitrary file write vulnerability in TestBox CFML Test Framework, allowing remote code execution by injecting CFML tags into a properties file. The vulnerability arises from unvalidated user input in the 'labels' parameter, which is written to a CFM file and executed by the server.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target: TestBox CFML Test Framework 2.4.0 through 4.1.0
No auth needed
Prerequisites: TestBox deployed in a production environment · Network access to the TestBox application
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1
Core References
Exploit, Third Party Advisory, VDB Entry x_refsource_misc
https://www.exploit-db.com/exploits/49077

Scores

CVSS v3 9.8
EPSS 0.0455
EPSS Percentile 90.4%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-22
Status published
Products (1)
ortussolutions/testbox 2.4.0 - 4.1.0
Published Nov 24, 2020
Tracked Since Feb 18, 2026