Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2024-23692 PoC — Rejetto HTTP File Server 2.3m Unauthenticated RCE

Source
https://github.com/WanLiChangChengWanLiChang/CVE-2024-23692-RCE
Associated Vulnerability
Title:Rejetto HTTP File Server 2.3m Unauthenticated RCE (CVE-2024-23692)
Description:Rejetto HTTP File Server, up to and including version 2.3m, is vulnerable to a template injection vulnerability. This vulnerability allows a remote, unauthenticated attacker to execute arbitrary commands on the affected system by sending a specially crafted HTTP request. As of the CVE assignment date, Rejetto HFS 2.3m is no longer supported.
Readme
# TG Join Us https://t.me/WanLiChangChengWanLiChang
加入我们定时查收各类漏洞 EXP POC
# CVE-2024-23692-RCE-EXP
CVE-2024-23692 Rejetto HTTP HFS服务器 RCE

# FOFA
"HttpFileServer"  

# 注意事项 
影响范围为  HFS2.3 及以下版本

# 使用方法 How To Use

ulimit -n 999999; zmap -p PORT   -B500M | go run hfs.go PORT

CHANGE THE PORT WHICH U WANNA TO EXPLOIT 

TEST ON UB20.04
File Snapshot

 [4.0K]  /data/pocs/b8d89cd031973ce44c02245f39dc309ec905c8c1
├── [3.1K]  hfs.go
└── [ 400]  README.md

0 directories, 2 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →