Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2024-23692 PoC — Rejetto HTTP File Server 2.3m Unauthenticated RCE

Source
https://github.com/0x20c/CVE-2024-23692-EXP
Associated Vulnerability
Title:Rejetto HTTP File Server 2.3m Unauthenticated RCE (CVE-2024-23692)
Description:Rejetto HTTP File Server, up to and including version 2.3m, is vulnerable to a template injection vulnerability. This vulnerability allows a remote, unauthenticated attacker to execute arbitrary commands on the affected system by sending a specially crafted HTTP request. As of the CVE assignment date, Rejetto HFS 2.3m is no longer supported.
Description
CVE-2024-23692 Exploit
Readme
# CVE-2024-23692-EXP

<br/>

```bash
bash CVE-2024-23692.sh <url> <command>
```

<br/>

![bash](2024_06_18_11_32_04.png)


<br/>

Nuclei

```bash
nuclei -list target.txt -t CVE-2024-23692.yaml -o CVE-2024-23692-result.txt
```

<br/>

![nuclei](2024_06_18_11_38_22.png)
File Snapshot

 [4.0K]  /data/pocs/cfb9148c2c948a105e63b23d35fe1c331cf1803d
├── [154K]  2024_06_18_11_32_04.png
├── [1.0M]  2024_06_18_11_38_22.png
├── [ 760]  CVE-2024-23692.sh
├── [ 921]  CVE-2024-23692.yaml
└── [ 269]  README.md

0 directories, 5 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →