CVE-2024-23692

Rejetto HTTP File Server 2.3m Unauthenticated RCE

CVSS 9.8 CRITICAL | EPSS 99.5% | KEV | CWE-1336
In short

Rejetto HTTP File Server version 2.3m and earlier has a critical flaw that allows anyone on the internet to run malicious commands on the affected computer by sending a specially crafted request. No login is required, making it extremely dangerous.

Technical detail

A template injection vulnerability in Rejetto HFS ≤2.3m enables unauthenticated remote code execution via crafted HTTP requests. The vulnerability stems from improper template processing that fails to sanitize user input, allowing an attacker to inject and execute arbitrary commands on the host system without authentication.

Summary generated and translated by AI from the official description.
Rejetto HTTP File Server, up to and including version 2.3m, is vulnerable to a template injection vulnerability. This vulnerability allows a remote, unauthenticated attacker to execute arbitrary commands on the affected system by sending a specially crafted HTTP request. As of the CVE assignment date, Rejetto HFS 2.3m is no longer supported.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
⚠ Public resources for assessing the exposure of systems you control or are authorized to test. Test only with authorization.
