9 results (0.023 seconds)

CVSS: 9.9EPSS: 0%CPEs: 1EXPL: 2

rejetto HFS (aka HTTP File Server) 3 before 0.52.10 on Linux, UNIX, and macOS allows OS command execution by remote authenticated users (if they have Upload permissions). This occurs because a shell is used to execute df (i.e., with execSync instead of spawnSync in child_process in Node.js). rejetto HFS (también conocido como servidor de archivos HTTP) 3 anterior a 0.52.10 en Linux, UNIX y macOS permite la ejecución de comandos del sistema operativo por parte de usuarios remotos autenticados (si tienen permisos de carga). Esto ocurre porque se usa un shell para ejecutar df (es decir, con execSync en lugar de spawnSync en child_process en Node.js). • https://github.com/truonghuuphuc/CVE-2024-39943-Poc https://github.com/A-little-dragon/CVE-2024-39943-Exploit https://github.com/rejetto/hfs/commit/305381bd36eee074fb238b64302a252668daad1d https://github.com/rejetto/hfs/compare/v0.52.9...v0.52.10 https://www.rejetto.com/wiki/index.php/HFS:_Working_with_uploads • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') CWE-284: Improper Access Control •

CVSS: 9.8EPSS: 95%CPEs: 1EXPL: 12

Rejetto HTTP File Server, up to and including version 2.3m, is vulnerable to a template injection vulnerability. This vulnerability allows a remote, unauthenticated attacker to execute arbitrary commands on the affected system by sending a specially crafted HTTP request. As of the CVE assignment date, Rejetto HFS 2.3m is no longer supported. Rejetto HTTP File Server, hasta la versión 2.3m incluida, es vulnerable a una vulnerabilidad de inyección de plantilla. Esta vulnerabilidad permite que un atacante remoto no autenticado ejecute comandos arbitrarios en el sistema afectado enviando una solicitud HTTP especialmente manipulada. • https://github.com/verylazytech/CVE-2024-23692 https://github.com/0x20c/CVE-2024-23692-EXP https://github.com/pradeepboo/Rejetto-HFS-2.x-RCE-CVE-2024-23692 https://github.com/jakabakos/CVE-2024-23692-RCE-in-Rejetto-HFS https://github.com/vanboomqi/CVE-2024-23692 https://github.com/BBD-YZZ/CVE-2024-23692 https://github.com/k3lpi3b4nsh33/CVE-2024-23692 https://github.com/Tupler/CVE-2024-23692-exp https://github.com/Mr-r00t11/CVE-2024-23692 https://github.com/WanL • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-1336: Improper Neutralization of Special Elements Used in a Template Engine •

CVSS: 7.5EPSS: 29%CPEs: 1EXPL: 3

The file comment feature in Rejetto HTTP File Server (hfs) 2.3c and earlier allows remote attackers to execute arbitrary code by uploading a file with certain invalid UTF-8 byte sequences that are interpreted as executable macro symbols. La caracteristica File Comment en Rejetto HTTP File Server (hfs) 2.3c y anteriores permite a atacantes remotos ejecutar código arbitrario mediante la subida de un fichero con ciertas secuencias inválidas de bytes UTF-8 que se interpretan como símbolos de macros ejecutables. HTTP File Server versions 2.3a, 2.3b, and 2.3c suffer from a remote command execution vulnerability. • https://www.exploit-db.com/exploits/34852 http://packetstormsecurity.com/files/128532/HTTP-File-Server-2.3a-2.3b-2.3c-Remote-Command-Execution.html http://www.exploit-db.com/exploits/34852 http://www.rejetto.com/forum/hfs-~-http-file-server/new-version-2-3d http://www.securityfocus.com/bid/70216 • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 1

HTTP File Server (HFS) before 2.2c tags HTTP request log entries with the username sent during HTTP Basic Authentication, regardless of whether authentication succeeded, which might make it more difficult for an administrator to determine who made a remote request. HTTP File Server (HFS) versiones anteriores a 2.2c etiqueta entradas en el fichero de trazas relativas a peticiones HTTP con el nombre de usuario enviado durante la Autenticación HTTP Básica, sin importar si la autenticación fue exitosa, lo cual podría dificultar a un administrador para determinar quién realiza peticiones remotas. • http://secunia.com/advisories/28631 http://securityreason.com/securityalert/3582 http://www.rejetto.com/hfs/?f=wn http://www.securityfocus.com/archive/1/486874/100/0/threaded http://www.securityfocus.com/bid/27423 http://www.syhunt.com/advisories/hfs-1-username.txt http://www.syhunt.com/advisories/hfshack.txt https://exchange.xforce.ibmcloud.com/vulnerabilities/39877 • CWE-287: Improper Authentication •

CVSS: 6.4EPSS: 1%CPEs: 1EXPL: 1

HTTP File Server (HFS) before 2.2c allows remote attackers to append arbitrary text to the log file by using the base64 representation of this text during HTTP Basic Authentication. HTTP File Server (HFS) versiones anteriores a 2.2c permite a atacantes remotos añadir texto de su elección en el fichero de trazas utilizando la representación base64 del texto durante la la Autenticación HTTP Básica. • http://secunia.com/advisories/28631 http://securityreason.com/securityalert/3582 http://www.rejetto.com/hfs/?f=wn http://www.securityfocus.com/archive/1/486874/100/0/threaded http://www.securityfocus.com/bid/27423 http://www.syhunt.com/advisories/hfs-1-username.txt http://www.syhunt.com/advisories/hfshack.txt https://exchange.xforce.ibmcloud.com/vulnerabilities/39876 • CWE-287: Improper Authentication •