WEB Rejetto HTTP File Server Server Side Template Injection -2 (CVE-2024-23692)
Rule ID
1235114
Severity
High
Description
The Rejetto HTTP File Server (HFS) version 2.x is vulnerable to an unauthenticated server side template injection (SSTI) vulnerability. A remote unauthenticated attacker can execute code with the privileges of the user account running the HFS.exe server process.
Impact
Remote command execution
Recommendation
Update vendor's patch.
IPS Category
Web threats
IPS Anomaly Group
N/A
IPS Rule Default Action
Deny
References
Keywords
N/A
Date Created
2024/06/18
Last Updated
2024/07/03
This website uses cookies to ensure you get the best experience on our website.
Learn more