CVE-2024-23692 – Rejetto HTTP File Server Improper Neutralization of Special Elements Used in a Template Engine Vulnerability
https://notcve.org/view.php?id=CVE-2024-23692
Rejetto HTTP File Server, up to and including version 2.3m, is vulnerable to a template injection vulnerability. This vulnerability allows a remote, unauthenticated attacker to execute arbitrary commands on the affected system by sending a specially crafted HTTP request. As of the CVE assignment date, Rejetto HFS 2.3m is no longer supported. Rejetto HTTP File Server, hasta la versión 2.3m incluida, es vulnerable a una vulnerabilidad de inyección de plantilla. Esta vulnerabilidad permite que un atacante remoto no autenticado ejecute comandos arbitrarios en el sistema afectado enviando una solicitud HTTP especialmente manipulada. • https://github.com/verylazytech/CVE-2024-23692 https://github.com/0x20c/CVE-2024-23692-EXP https://github.com/pradeepboo/Rejetto-HFS-2.x-RCE-CVE-2024-23692 https://github.com/jakabakos/CVE-2024-23692-RCE-in-Rejetto-HFS https://github.com/vanboomqi/CVE-2024-23692 https://github.com/BBD-YZZ/CVE-2024-23692 https://github.com/k3lpi3b4nsh33/CVE-2024-23692 https://github.com/Tupler/CVE-2024-23692-exp https://github.com/Mr-r00t11/CVE-2024-23692 https://github.com/WanL • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-1336: Improper Neutralization of Special Elements Used in a Template Engine •
CVE-2020-13432 – HFS Http File Server 2.3m Build 300 Buffer Overflow
https://notcve.org/view.php?id=CVE-2020-13432
rejetto HFS (aka HTTP File Server) v2.3m Build #300, when virtual files or folders are used, allows remote attackers to trigger an invalid-pointer write access violation via concurrent HTTP requests with a long URI or long HTTP headers. rejetto HFS (también se conoce como HTTP File Server) versión v2.3m Build #300, cuando se utilizan archivos o carpetas virtuales, permite a atacantes remotos desencadenar una violación de acceso de escritura de puntero no válido por medio de peticiones HTTP concurrentes con un URI largo o encabezados HTTP largos HFS Http File Server version 2.3m build 300 suffers from a remote buffer overflow vulnerability that can lead to a denial of service. • http://hyp3rlinx.altervista.org/advisories/HFS-HTTP-FILE-SERVER-v2.3-REMOTE-BUFFER-OVERFLOW-DoS.txt http://packetstormsecurity.com/files/157980/HFS-Http-File-Server-2.3m-Build-300-Buffer-Overflow.html http://seclists.org/fulldisclosure/2020/Jun/13 http://seclists.org/fulldisclosure/2021/Apr/12 https://github.com/rejetto/hfs2/commit/b8ebfc4e22948e1a61506cd66e397b61ea5ea5de https://packetstormsecurity.com/files/157980/HFS-Http-File-Server-2.3m-Build-300-Buffer-Overflow.html https://www.rejetto.com/hfs/?f& • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVE-2014-7226 – Rejetto HTTP File Server (HFS) 2.3a/2.3b/2.3c - Remote Command Execution
https://notcve.org/view.php?id=CVE-2014-7226
The file comment feature in Rejetto HTTP File Server (hfs) 2.3c and earlier allows remote attackers to execute arbitrary code by uploading a file with certain invalid UTF-8 byte sequences that are interpreted as executable macro symbols. La caracteristica File Comment en Rejetto HTTP File Server (hfs) 2.3c y anteriores permite a atacantes remotos ejecutar código arbitrario mediante la subida de un fichero con ciertas secuencias inválidas de bytes UTF-8 que se interpretan como símbolos de macros ejecutables. HTTP File Server versions 2.3a, 2.3b, and 2.3c suffer from a remote command execution vulnerability. • https://www.exploit-db.com/exploits/34852 http://packetstormsecurity.com/files/128532/HTTP-File-Server-2.3a-2.3b-2.3c-Remote-Command-Execution.html http://www.exploit-db.com/exploits/34852 http://www.rejetto.com/forum/hfs-~-http-file-server/new-version-2-3d http://www.securityfocus.com/bid/70216 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2014-6287 – Rejetto HTTP File Server (HFS) Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2014-6287
The findMacroMarker function in parserLib.pas in Rejetto HTTP File Server (aks HFS or HttpFileServer) 2.3x before 2.3c allows remote attackers to execute arbitrary programs via a %00 sequence in a search action. La función findMacroMarker en parserLib.pas en Rejetto HTTP File Server (también conocido como HFS o HttpFileServer) 2.3x anterior a 2.3c permite a atacantes remotos ejecutar programas arbitrarios a través de una secuencia %00 en una acción de búsqueda. HttpFileServer version 2.3.x suffers from a remote command execution vulnerability due to a poorly formed regex. The findMacroMarker function in parserLib.pas in Rejetto HTTP File Server (HFS or HttpFileServer) allows remote attackers to execute arbitrary programs. • https://www.exploit-db.com/exploits/34926 https://www.exploit-db.com/exploits/39161 https://www.exploit-db.com/exploits/34668 https://www.exploit-db.com/exploits/49125 https://github.com/0xTabun/CVE-2014-6287 https://github.com/zhsh9/CVE-2014-6287 https://github.com/wizardy0ga/THM-Steel_Mountain-CVE-2014-6287 https://github.com/Nicoslo/Windows-exploitation-Rejetto-HTTP-File-Server-HFS-2.3.x-CVE-2014-6287 http://packetstormsecurity.com/files/128243/HttpFileServer-2.3.x-Remote • CWE-94: Improper Control of Generation of Code ('Code Injection') •