Remote Code Execution Vulnerability in Rejetto HFS File Server
CVE-2014-6287

9.8CRITICAL

Key Information:

Vendor: Rejetto
Status: Http File Server
Vendor: CVE Published:; 7 October 2014

Badges

👾 Exploit Exists🟡 Public PoC🟣 EPSS 94%🦅 CISA Reported

What is CVE-2014-6287?

The findMacroMarker function in parserLib.pas of Rejetto HTTP File Server (HFS) versions 2.3x prior to 2.3c is susceptible to a remote code execution vulnerability. An attacker could exploit this flaw by crafting a search action that utilizes a %00 sequence, which allows execution of arbitrary programs on the server. This vulnerability poses significant risks, enabling unauthorized remote access and control over sensitive data and server operations.

CISA has reported CVE-2014-6287

CISA provides regional cyber and physical services to support security and resilience across the United States. CISA monitor the most dangerious vulnerabilities and have identifed CVE-2014-6287 as being exploited but is not known by the CISA to be used in ransomware campaigns. This is subject to change at pace

The CISA's recommendation is: Apply updates per vendor instructions.

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2014-6287 - Proof of Concept

Rejetto-HTTP-File-Server-HFS-2.3.x---Remote-Command-Execution
Created by randallbanner

Windows-exploitation-Rejetto-HTTP-File-Server-HFS-2.3.x-CVE-2014-6287
Created by Nicoslo