PT-2024-28745 · Rejetto · Rejetto Hfs
Name of the Vulnerable Software and Affected Versions: rejetto HFS aka HTTP File Server versions 3 before 0.52.10 Description: The issue allows OS command execution by remote authenticated users who have Upload permissions. This occurs because a shell is used to execute df with execSync instead o...