RCE in Rejetto HFS Server 2.x – CVE-2024-23692

Vulnerable Version

Rejetto HFS version 2.3m & earlier

Fixed Version

Upgrade to the latest version of HFS

Base Score

9.8 critical

Vendor Description:

The Rejetto HTTP File Server (HFS) is a lightweight, free-to-use file-sharing application that allows users
to create a file server on their local or networked systems. It’s designed for simplicity, enabling users to
share files over HTTP using a web browser as the client. HFS is commonly used to quickly and easily
share files with others without requiring complex configurations or specialized software.
You can think of it as a way to create a mini web server to host files. Once set up, you can give someone
a URL, and they can download files directly from your system using a browser. It’s especially handy for
temporary file sharing, small team collaboration, or testing environments where you don’t want to set
up a full-fledged server.

CVE-2024-23692 Vulnerability Details:

Rejetto HTTP File Server, up to and including version 2.3m, is vulnerable to template injection.
A remote, unauthenticated attacker can execute arbitrary commands on the affected system by
sending a specially crafted HTTP request; no credentials of any kind are required. As of the CVE
assignment date, Rejetto HFS 2.3m is no longer supported.

Impact

  1. Unauthorized Access: Unauthenticated attackers can use template injection to execute arbitrary
    code remotely without valid credentials.
  2. System Compromise: Exploitation can give attackers full control over the compromised system,
    allowing them to install malicious software, exfiltrate sensitive information, or use the
    compromised server as a starting point for further attacks.
  3. Data Breach Risks: May expose personal information stored on or handled by the vulnerable system.
  4. Service Disruption: Through malicious payloads or resource exhaustion, attackers may render the
    server inoperable.

Mitigation Steps:

  1. Discontinue Use: Since HFS 2.3m is no longer supported, it is recommended that you stop using it
    immediately.
  2. Replace It: Migrate to a well-maintained file server solution that receives ongoing maintenance
    and security updates.
  3. Restrict Access: If immediate discontinuation is not possible, establish firewall rules that allow
    only trusted IP addresses to reach the server.
  4. System Monitoring: Check system logs regularly for any unusual activity that may indicate
    exploitation attempts.
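As an added illustration of step 4 (this is example code written for this page, not part of the original advisory or of HFS), the script below scans HTTP access-log lines for requests whose path or query string carries HFS 2.x macro delimiters, the `{.name|arg.}` syntax that a template-injection attempt must use. The common-log line shape and the sample lines are constructed assumptions; adapt the regex to whatever logger sits in front of the server.

```python
import re
from urllib.parse import unquote

# HFS 2.x server-side macros are written as {.name|arg.}; a request carrying those
# delimiters in its path or query string is an indicator of a template-injection attempt.
# The log line shape below is an assumption (common-log style), not HFS's own format.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<target>\S+) \S+" (?P<status>\d{3})'
)
MACRO_RE = re.compile(r"\{\.[^}]*\.\}")


def decode_target(target: str) -> str:
    """URL-decode up to three times so a double-encoded payload is not missed."""
    prev, cur = None, target
    for _ in range(3):
        if cur == prev:
            break
        prev, cur = cur, unquote(cur)
    return cur


def find_macro_attempts(log_lines):
    """Return (ip, timestamp, decoded target) for each request that contains an HFS macro."""
    hits = []
    for line in log_lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that do not fit the assumed log format
        decoded = decode_target(m["target"])
        if MACRO_RE.search(decoded):
            hits.append((m["ip"], m["ts"], decoded))
    return hits


# Constructed sample log lines (not real traffic). The third carries a harmless
# macro in the search parameter, the fourth the same thing URL-encoded.
SAMPLE_LOG = [
    '10.0.0.5 - - [12/Jun/2024:10:01:02 +0000] "GET /docs/report.pdf HTTP/1.1" 200',
    '10.0.0.5 - - [12/Jun/2024:10:01:09 +0000] "GET /?search=report HTTP/1.1" 200',
    '10.0.0.9 - - [12/Jun/2024:10:02:44 +0000] "GET /?search={.time.} HTTP/1.1" 200',
    '10.0.0.9 - - [12/Jun/2024:10:02:51 +0000] "GET /?search=%7B.time.%7D HTTP/1.1" 200',
]

if __name__ == "__main__":
    for ip, ts, target in find_macro_attempts(SAMPLE_LOG):
        print(f"{ts} {ip} macro syntax in request: {target}")
```

A hit is a reason to investigate the source address and, per steps 1 to 3, to take the server offline or fence it off; the detector only flags macro syntax and does not judge whether the macro itself was harmful.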

POC

Python3 exploit.py 192.168.1.22 80 calc
[screenshot]

[screenshot: after running the exploit]
