CVE-2024-23692 Rejetto HTTP File Server 2.3m Unauthenticated RCE

Rejetto HTTP File Server, up to and including version 2.3m, is vulnerable to a template injection vulnerability. This vulnerability allows a remote, unauthenticated attacker to execute arbitrary commands on the affected system by sending a specially crafted HTTP request. As of the CVE assignment...

CVE-2024-23692 Rejetto HTTP File Server 2.3m Unauthenticated RCE

Rejetto HTTP File Server, up to and including version 2.3m, is vulnerable to a template injection vulnerability. This vulnerability allows a remote, unauthenticated attacker to execute arbitrary commands on the affected system by sending a specially crafted HTTP request. As of the CVE assignment...

CVE-2024-23692

CVE-2024-23692 affects Rejetto HTTP File Server (HFS) versions up to 2.3m. The vulnerability is a server‑side template injection in the search parameter that is reflected into HFS templates, allowing an unauthenticated attacker to execute arbitrary commands (remote code execution). Exploitation c...

CVE-2024-23692

Rejetto HTTP File Server, up to and including version 2.3m, is vulnerable to a template injection vulnerability. This vulnerability allows a remote, unauthenticated attacker to execute arbitrary commands on the affected system by sending a specially crafted HTTP request. As of the CVE assignment...

CVE-2024-1227 Multiple vulnerabilities in Rejetto's Http File Server

An open redirect vulnerability, the exploitation of which could allow an attacker to create a custom URL and redirect a legitimate page to a malicious site...

CVE-2024-1227 Multiple vulnerabilities in Rejetto's Http File Server

An open redirect vulnerability, the exploitation of which could allow an attacker to create a custom URL and redirect a legitimate page to a malicious site...

CVE-2024-1226 Multiple vulnerabilities in Rejetto's Http File Server

The software does not neutralize or incorrectly neutralizes certain characters before the data is included in outgoing HTTP headers. The inclusion of invalidated data in an HTTP header allows an attacker to specify the full HTTP response represented by the browser. An attacker could control the...

CVE-2024-1226 Multiple vulnerabilities in Rejetto's Http File Server

The software does not neutralize or incorrectly neutralizes certain characters before the data is included in outgoing HTTP headers. The inclusion of invalidated data in an HTTP header allows an attacker to specify the full HTTP response represented by the browser. An attacker could control the...

PT-2024-17521 · Rejetto · Http File Server

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue is an open redirect vulnerability. This could allow an attacker to create a custom URL and redirect a legitimate page to a malicious site. The...

Rejetto Http File Server Injection Vulnerability

HTTP File Server is a simple tool that allows you to access your phone's files from your desktop, tablet or other device without any special software - just a web browser. An injection vulnerability exists in Rejetto Http File Server version 2.2a, which stems from the fact that under certain...

CVE-2024-26566

An issue in Cute Http File Server v.3.1 allows a remote attacker to escalate privileges via the password verification component...

Design/Logic Flaw

An issue in Cute Http File Server v.3.1 allows a remote attacker to escalate privileges via the password verification component...

CVE-2024-26566

CVE-2024-26566 affects Cute Http File Server v3.1. The issue allows a remote attacker to escalate privileges via the password verification component, with a network attack vector, no user interaction, and high impact (Integrity). Affected software is Cute Http File Server v3.1 (no other versions ...

CVE-2024-26566

An issue in Cute Http File Server v.3.1 allows a remote attacker to escalate privileges via the password verification component...

PT-2024-21424 · Unknown · Cute Http File Server

Name of the Vulnerable Software and Affected Versions: Cute Http File Server version 3.1 Description: The issue allows a remote attacker to escalate privileges via the password verification component. Recommendations: For Cute Http File Server version 3.1, consider disabling the password...

CVE-2024-26566

An issue in Cute Http File Server v.3.1 allows a remote attacker to escalate privileges via the password verification component...

PT-2023-9232

Name of the Vulnerable Software and Affected Versions Rejetto HTTP File Server versions 2.3m and earlier Description The vulnerability is related to the improper neutralization of special elements used in a template engine, allowing a remote, unauthenticated attacker to execute arbitrary commands...

PT-2023-9214 · Unknown · Http File Server

Name of the Vulnerable Software and Affected Versions: HTTP File Server affected versions not specified Description: The issue is related to inadequate access control in the HTTP File Server, which can be exploited by a remote attacker to execute arbitrary code. Recommendations: At the moment,...

CVE-2023-4118

A vulnerability, which was classified as problematic, was found in Cute Http File Server 2.0. This affects an unknown part of the component Search. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may ...

Cross site scripting

A vulnerability, which was classified as problematic, was found in Cute Http File Server 2.0. This affects an unknown part of the component Search. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may ...