CVE-2024-22232

A specially crafted url can be created which leads to a directory traversal in the salt file server. A malicious user can read an arbitrary file from a Salt master’s filesystem...

UBUNTU-CVE-2024-22232

A specially crafted url can be created which leads to a directory traversal in the salt file server. A malicious user can read an arbitrary file from a Salt master’s filesystem...

CVE-2024-22232 Specially crafted url can be created which leads to a directory traversal in the salt file server

A specially crafted url can be created which leads to a directory traversal in the salt file server. A malicious user can read an arbitrary file from a Salt master’s filesystem...

CVE-2024-22232 Specially crafted url can be created which leads to a directory traversal in the salt file server

A specially crafted url can be created which leads to a directory traversal in the salt file server. A malicious user can read an arbitrary file from a Salt master’s filesystem...

CVE-2024-22232

A specially crafted url can be created which leads to a directory traversal in the salt file server. A malicious user can read an arbitrary file from a Salt master’s filesystem...

Astra Linux – Vulnerability in liblivemedia

Vulnerability in the AC3AudioFileServerMediaSubsession, ADTSAudioFileServerMediaSubsession, and AMRAudioFileServerMediaSubsessionLive OnDemandServerMediaSubsession subclasses in Networks LIVE555 Streaming Media before 2021.3.16...

Exploit for Path Traversal in Solarwinds Serv-U

CVE-2024-28995-SolarWinds-Serv-U SolarWinds Serv-U File Serv...

The vulnerability of the HTTP File Server, related to deficiencies in access control, allows a perpetrator to execute arbitrary code.

The vulnerability of the HTTP File Server is related to deficiencies in access control. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

Metasploit Weekly Wrap-Up 06/14/2024

New module content 5 Telerik Report Server Auth Bypass Authors: SinSinology and Spencer McIntyre Type: Auxiliary Pull request: 19242 contributed by zeroSteiner Path: scanner/http/telerikreportserverauthbypass AttackerKB reference: CVE-2024-4358 Description: This adds an exploit for CVE-2024-4358...

Rejetto HTTP File Server 2.x Remote Code Execution

Rejetto HTTP File Server 2.x, is vulnerable to a template injection vulnerability. This vulnerability allows a remote, unauthenticated attacker to execute arbitrary commands on the affected system by sending a specially crafted HTTP request. No source data...

Exploit for Code Injection in Rejetto Http_File_Server

It is an offensive tool for web application exploitation. This r...

Rejetto HTTP File Server (HFS) Unauthenticated Remote Code Execution Exploit

The Rejetto HTTP File Server HFS version 2.x is vulnerable to an unauthenticated server side template injection SSTI vulnerability. A remote unauthenticated attacker can execute code with the privileges of the user account running the HFS.exe server process. This exploit has been tested to work...

Rejetto HTTP File Server (HFS) Unauthenticated Remote Code Execution

The Rejetto HTTP File Server HFS version 2.x is vulnerable to an unauthenticated server side template injection SSTI vulnerability. A remote unauthenticated attacker can execute code with the privileges of the user account running the HFS.exe server process. This exploit has been tested to work...

Rejetto HTTP File Server Template Injection Vulnerability

Rejetto HTTP File Server Rejetto HFS is an HTTP file server from Rejetto. A template injection vulnerability exists in Rejetto HTTP File Server version 2.3m and earlier, which arises from an application that uses unfiltered user input as template parameters when rendering dynamic content, and can...

CVE-2024-23692

Rejetto HTTP File Server, up to and including version 2.3m, is vulnerable to a template injection vulnerability. This vulnerability allows a remote, unauthenticated attacker to execute arbitrary commands on the affected system by sending a specially crafted HTTP request. As of the CVE assignment...

CVE-2024-23692

Rejetto HTTP File Server, up to and including version 2.3m, is vulnerable to a template injection vulnerability. This vulnerability allows a remote, unauthenticated attacker to execute arbitrary commands on the affected system by sending a specially crafted HTTP request. As of the CVE assignment...

CVE-2024-23692 Rejetto HTTP File Server 2.3m Unauthenticated RCE

Rejetto HTTP File Server, up to and including version 2.3m, is vulnerable to a template injection vulnerability. This vulnerability allows a remote, unauthenticated attacker to execute arbitrary commands on the affected system by sending a specially crafted HTTP request. As of the CVE assignment...

CVE-2024-23692 Rejetto HTTP File Server 2.3m Unauthenticated RCE

Rejetto HTTP File Server, up to and including version 2.3m, is vulnerable to a template injection vulnerability. This vulnerability allows a remote, unauthenticated attacker to execute arbitrary commands on the affected system by sending a specially crafted HTTP request. As of the CVE assignment...

CVE-2024-23692

CVE-2024-23692 affects Rejetto HTTP File Server (HFS) versions up to 2.3m. The vulnerability is a server‑side template injection in the search parameter that is reflected into HFS templates, allowing an unauthenticated attacker to execute arbitrary commands (remote code execution). Exploitation c...

Rejetto HTTP File Server 安全漏洞

Rejetto HTTP File Server Rejetto HFS is an HTTP file server from Rejetto. A template injection vulnerability exists in Rejetto HTTP File Server version 2.3m and earlier, which arises from an application that uses unfiltered user input as template parameters when rendering dynamic content, and can...