CVE-2024-3640

HIGH

Rockwell Automation FactoryTalk Remote Access - RCE

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2024-3640. PoCs published by H1ng007.

AI-analyzed exploit summary This repository contains a functional exploit for CVE-2024-3640, targeting GeoServer's unsafe handling of XPath expressions via the commons-jxpath library, enabling remote code execution. The exploit includes WAF bypass techniques using XML comments and supports command execution and memory shell injection.

Description

An unquoted executable path exists in the Rockwell Automation FactoryTalk® Remote Access™ possibly resulting in remote code execution if exploited. While running the FTRA installer package, the executable path is not properly quoted, which could allow a threat actor to enter a malicious executable and run it as a System user. A threat actor needs admin privileges to exploit this vulnerability.

Exploits (1)

nomisec WORKING POC 3 stars
by H1ng007 · poc
https://github.com/H1ng007/CVE-2024-3640_WafBypass

This repository contains a functional exploit for CVE-2024-3640, targeting GeoServer's unsafe handling of XPath expressions via the commons-jxpath library, enabling remote code execution. The exploit includes WAF bypass techniques using XML comments and supports command execution and memory shell injection.

Classification
Working Poc 90%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: GeoServer (via GeoTools and commons-jxpath)
No auth needed
Prerequisites: Access to a vulnerable GeoServer instance · Network connectivity to the target
devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (1)

Core 1

Scores

CVSS v4 7.0
EPSS 0.0027
EPSS Percentile 18.7%
CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-428
Status published
Products (1)
Rockwell Automation/FactoryTalk® Remote Access™ v13.5.0.174
Published May 16, 2024
Tracked Since Feb 18, 2026