CVSS: 9.9EPSS: 0%CPEs: 1EXPL: 2CVE-2024-39943
https://notcve.org/view.php?id=CVE-2024-39943
rejetto HFS (aka HTTP File Server) 3 before 0.52.10 on Linux, UNIX, and macOS allows OS command execution by remote authenticated users (if they have Upload permissions). This occurs because a shell is used to execute df (i.e., with execSync instead of spawnSync in child_process in Node.js). rejetto HFS (también conocido como servidor de archivos HTTP) 3 anterior a 0.52.10 en Linux, UNIX y macOS permite la ejecución de comandos del sistema operativo por parte de usuarios remotos autenticados (si tienen permisos de carga). Esto ocurre porque se usa un shell para ejecutar df (es decir, con execSync en lugar de spawnSync en child_process en Node.js). • https://github.com/truonghuuphuc/CVE-2024-39943-Poc https://github.com/A-little-dragon/CVE-2024-39943-Exploit https://github.com/rejetto/hfs/commit/305381bd36eee074fb238b64302a252668daad1d https://github.com/rejetto/hfs/compare/v0.52.9...v0.52.10 https://www.rejetto.com/wiki/index.php/HFS:_Working_with_uploads • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') CWE-284: Improper Access Control •
CVSS: 9.8EPSS: 95%CPEs: 1EXPL: 13CVE-2024-23692 – Rejetto HTTP File Server Improper Neutralization of Special Elements Used in a Template Engine Vulnerability
https://notcve.org/view.php?id=CVE-2024-23692
Rejetto HTTP File Server, up to and including version 2.3m, is vulnerable to a template injection vulnerability. This vulnerability allows a remote, unauthenticated attacker to execute arbitrary commands on the affected system by sending a specially crafted HTTP request. As of the CVE assignment date, Rejetto HFS 2.3m is no longer supported. Rejetto HTTP File Server, hasta la versión 2.3m incluida, es vulnerable a una vulnerabilidad de inyección de plantilla. Esta vulnerabilidad permite que un atacante remoto no autenticado ejecute comandos arbitrarios en el sistema afectado enviando una solicitud HTTP especialmente manipulada. • https://github.com/verylazytech/CVE-2024-23692 https://github.com/0x20c/CVE-2024-23692-EXP https://github.com/pradeepboo/Rejetto-HFS-2.x-RCE-CVE-2024-23692 https://github.com/jakabakos/CVE-2024-23692-RCE-in-Rejetto-HFS https://github.com/vanboomqi/CVE-2024-23692 https://github.com/BBD-YZZ/CVE-2024-23692 https://github.com/k3lpi3b4nsh33/CVE-2024-23692 https://github.com/Tupler/CVE-2024-23692-exp https://github.com/Mr-r00t11/CVE-2024-23692 https://github.com/WanL • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-1336: Improper Neutralization of Special Elements Used in a Template Engine •
CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 1CVE-2021-40668
https://notcve.org/view.php?id=CVE-2021-40668
The Android application HTTP File Server (Version 1.4.1) by 'slowscript' is affected by a path traversal vulnerability that permits arbitrary directory listing, file read, and file write. La aplicación Android HTTP File Server (Versión 1.4.1) de "slowscript" está afectada por una vulnerabilidad de salto de ruta que permite el listado arbitrario de directorios, la lectura y escritura de archivos • https://eddiez.me/path-traversal-in-slowscript-httpfileserver https://play.google.com/store/apps/details?id=slowscript.httpfileserver • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.5EPSS: 29%CPEs: 1EXPL: 3CVE-2014-7226 – Rejetto HTTP File Server (HFS) 2.3a/2.3b/2.3c - Remote Command Execution
https://notcve.org/view.php?id=CVE-2014-7226
The file comment feature in Rejetto HTTP File Server (hfs) 2.3c and earlier allows remote attackers to execute arbitrary code by uploading a file with certain invalid UTF-8 byte sequences that are interpreted as executable macro symbols. La caracteristica File Comment en Rejetto HTTP File Server (hfs) 2.3c y anteriores permite a atacantes remotos ejecutar código arbitrario mediante la subida de un fichero con ciertas secuencias inválidas de bytes UTF-8 que se interpretan como símbolos de macros ejecutables. HTTP File Server versions 2.3a, 2.3b, and 2.3c suffer from a remote command execution vulnerability. • https://www.exploit-db.com/exploits/34852 http://packetstormsecurity.com/files/128532/HTTP-File-Server-2.3a-2.3b-2.3c-Remote-Command-Execution.html http://www.exploit-db.com/exploits/34852 http://www.rejetto.com/forum/hfs-~-http-file-server/new-version-2-3d http://www.securityfocus.com/bid/70216 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 1CVE-2008-0407
https://notcve.org/view.php?id=CVE-2008-0407
HTTP File Server (HFS) before 2.2c tags HTTP request log entries with the username sent during HTTP Basic Authentication, regardless of whether authentication succeeded, which might make it more difficult for an administrator to determine who made a remote request. HTTP File Server (HFS) versiones anteriores a 2.2c etiqueta entradas en el fichero de trazas relativas a peticiones HTTP con el nombre de usuario enviado durante la Autenticación HTTP Básica, sin importar si la autenticación fue exitosa, lo cual podría dificultar a un administrador para determinar quién realiza peticiones remotas. • http://secunia.com/advisories/28631 http://securityreason.com/securityalert/3582 http://www.rejetto.com/hfs/?f=wn http://www.securityfocus.com/archive/1/486874/100/0/threaded http://www.securityfocus.com/bid/27423 http://www.syhunt.com/advisories/hfs-1-username.txt http://www.syhunt.com/advisories/hfshack.txt https://exchange.xforce.ibmcloud.com/vulnerabilities/39877 • CWE-287: Improper Authentication •