CVE-2024-23692 Information

Description

Rejetto HTTP File Server up to and including version 2.3m is vulnerable to a template injection vulnerability. This vulnerability allows a remote unauthenticated attacker to execute arbitrary commands on the affected system by sending a specially crafted HTTP request. As of the CVE assignment date Rejetto HFS 2.3m is no longer supported.

Reference

https://vulncheck.com/advisories/rejetto-unauth-rce https://mohemiv.com/all/rejetto-http-file-server-2-3m-unauthenticated-rce/