Lucene search
K

32 matches found

NVD
NVD
added yesterday5 views

CVE-2026-61502

Rejetto HFS 3.0.0 through 3.2.0 accepts state-changing API requests via the GET method and exempts GET requests from its anti-CSRF header check. A remote attacker can perform administrative actions including account creation and configuration changes leading to code execution - by causing a...

5.1CVSS
Exploits0References2
NVD
NVD
added yesterday5 views

CVE-2026-61505

Rejetto HFS 3.0.0 through 3.2.0 allows path traversal through the lang query parameter, permitting a remote unauthenticated attacker to read certain JSON files outside the shared folders. Exploitation is constrained to files matching a narrow naming and format pattern, limiting practical impact...

6.9CVSS
Exploits0References2
NVD
NVD
added yesterday6 views

CVE-2026-61503

Rejetto HFS 3.0.0 through 3.2.0 returns observably different responses from its login endpoint depending on whether the submitted username exists. A remote unauthenticated attacker can use this to confirm valid account names, including the default admin account, facilitating password-guessing and...

6.9CVSS
Exploits0References2
NVD
NVD
added yesterday6 views

CVE-2026-61504

Rejetto HFS 3.0.0 through 3.2.0 does not escape file names in its fallback "basic" web listing, and this listing can be forced by any browser via the ?get=basic parameter. A user with upload permission - or an anonymous user on servers with an open upload folder - can store a file whose name...

5.4CVSS
Exploits0References2
NVD
NVD
added yesterday5 views

CVE-2026-61500

Rejetto HFS 3.0.0 through 3.2.0 derives its session-cookie signing key from the non-cryptographic Math.random generator and discloses outputs of the same generator to unauthenticated clients during login. A remote attacker can collect a small number of login responses, reconstruct the generator's...

9.8CVSS
Exploits0References2
CVE
CVE
added yesterday7 views

CVE-2026-61505

Vulnerability summary: Rejetto HFS versions 3.0.0–3.2.0 are affected by a path traversal via the lang parameter, allowing a remote, unauthenticated attacker to read certain JSON files outside shared folders. The impact is constrained to files matching a narrow naming/format pattern, with no indic...

6.9CVSS6.1AI score
Exploits0References2
CVE
CVE
added yesterday8 views

CVE-2026-61504

CVE-2026-61504 affects Rejetto HFS 3.0.0–3.2.0, where the basic web listing does not escape file names and can be forced with the browser parameter ?get=basic. This enables stored XSS: a file with a script in its name can execute in the viewer’s browser when the listing is viewed, potentially by ...

5.4CVSS6.1AI score
Exploits0References2
CVE
CVE
added yesterday7 views

CVE-2026-61503

CVE-2026-61503 – Rejetto HFS : Affects HFS 3.0.0–3.2.0. The login endpoint returns observably different responses depending on whether the username exists, enabling remote, unauthenticated actors to confirm valid accounts (including the default admin) and facilitating password guessing and sessio...

6.9CVSS6.1AI score
Exploits0References2
CVE
CVE
added yesterday7 views

CVE-2026-61502

CVE-2026-61502 affects Rejetto HFS versions 3.0.0 through 3.2.0. The root cause is that state-changing API requests can be issued via GET and are exempt from the anti-CSRF header check, enabling a remote attacker to perform administrative actions (e.g., account creation, configuration changes) an...

5.1CVSS6.4AI score
Exploits0References2
CVE
CVE
added yesterday8 views

CVE-2026-61500

Affected software: Rejetto HFS 3.0.0–3.2.0. Root cause: session-cookie signing key derived from the non‑cryptographic Math.random() generator; outputs disclosed to unauthenticated clients during login. Impact: remote attacker can observe login responses, reconstruct the generator state, recover t...

9.8CVSS6.5AI score
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-5685

Malware in sbrugna...

7.5CVSS7.4AI score0.30865EPSS
Exploits5References9
Imperva Blog
Imperva Blog
added 2025/08/05 4:19 p.m.9 views

Imperva Detects and Mitigates Rejetto HFS Spray-and-Pray Ransomware/Trojan Campaign

On July 19th, Imperva Threat Research team detected a sudden surge in HTTP probes targeting Rejetto HTTP File Server HFS 2.x instances. What looked like routine internet noise quickly revealed itself as a coordinated attempt to exploit a critical unauthenticated server-side template injection...

9.8CVSS8.8AI score0.99485EPSS
Exploits20
RedhatCVE
RedhatCVE
added 2025/02/05 7:26 a.m.4 views

CVE-2024-23692

Rejetto HTTP File Server, up to and including version 2.3m, is vulnerable to a template injection vulnerability. This vulnerability allows a remote, unauthenticated attacker to execute arbitrary commands on the affected system by sending a specially crafted HTTP request. As of the CVE assignment...

9.8CVSS8AI score0.99485EPSS
Exploits20References1
OSV
OSV
added 2024/07/05 12:31 a.m.11 views

GHSA-5F4X-HWV2-W9W2 rejetto HFS vulnerable to OS Command Execution by remote authenticated users

rejetto HFS aka HTTP File Server 3 before 0.52.10 on Linux, UNIX, and macOS allows OS command execution by remote authenticated users if they have Upload permissions. This occurs because a shell is used to execute df i.e., with execSync instead of spawnSync in childprocess in Node.js...

9.9CVSS9AI score0.48477EPSS
Exploits1References5
Github Security Blog
Github Security Blog
added 2024/07/05 12:31 a.m.23 views

rejetto HFS vulnerable to OS Command Execution by remote authenticated users

rejetto HFS aka HTTP File Server 3 before 0.52.10 on Linux, UNIX, and macOS allows OS command execution by remote authenticated users if they have Upload permissions. This occurs because a shell is used to execute df i.e., with execSync instead of spawnSync in childprocess in Node.js...

9.9CVSS6.9AI score0.48477EPSS
Exploits1References5Affected Software1
NVD
NVD
added 2024/07/04 11:15 p.m.45 views

CVE-2024-39943

rejetto HFS aka HTTP File Server 3 before 0.52.10 on Linux, UNIX, and macOS allows OS command execution by remote authenticated users if they have Upload permissions. This occurs because a shell is used to execute df i.e., with execSync instead of spawnSync in childprocess in Node.js...

9.9CVSS0.48477EPSS
Exploits1References3
CNNVD
CNNVD
added 2024/07/04 12:0 a.m.5 views

rejetto HFS Security Vulnerability

rejetto HFS is a web-based file server from the individual developer Massimo Melina in Italy. A security vulnerability exists in rejetto HFS versions prior to 0.52.10, which originates from allowing an authenticated remote user to execute operating system commands...

9.9CVSS6.9AI score0.48477EPSS
Exploits1References4
CVE
CVE
added 2024/07/04 12:0 a.m.119 views

CVE-2024-39943

CVE-2024-39943 affects rejetto HFS (HTTP File Server) before v0.52.10 on Linux/UNIX/macOS. The root cause is that the server executes OS commands via a shell (execSync) to run df during file upload, enabling remote authenticated users with Upload permissions to achieve remote code execution. Conn...

9.9CVSS9.2AI score0.48477EPSS
Exploits1References3Affected Software1
Vulnrichment
Vulnrichment
added 2024/07/04 12:0 a.m.16 views

CVE-2024-39943

rejetto HFS aka HTTP File Server 3 before 0.52.10 on Linux, UNIX, and macOS allows OS command execution by remote authenticated users if they have Upload permissions. This occurs because a shell is used to execute df i.e., with execSync instead of spawnSync in childprocess in Node.js...

9.9CVSS7.1AI score0.48477EPSS
Exploits1References3
Cvelist
Cvelist
added 2024/07/04 12:0 a.m.47 views

CVE-2024-39943

rejetto HFS aka HTTP File Server 3 before 0.52.10 on Linux, UNIX, and macOS allows OS command execution by remote authenticated users if they have Upload permissions. This occurs because a shell is used to execute df i.e., with execSync instead of spawnSync in childprocess in Node.js...

9.9CVSS0.48477EPSS
Exploits1References3
Rows per page
Query Builder