The findMacroMarker function in parserLib.pas in Rejetto HTTP File Server (aks HFS or HttpFileServer) 2.3x before 2.3c allows remote attackers to execute arbitrary programs via a %00 sequence in a search action.
Weakness: Improper Control of Generation of Code ('Code Injection')
The software constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.
Published: 2014-10-07
Community Advisory
CVE-2014-6287 Exploits (4)
- Nicoslo/Windows-exploitation-Rejetto-HTTP-File-Server-HFS-2.3.x-CVE-2014-6287 ( 1)
- roughiz/cve-2014-6287.py
- rapid7/metasploit-framework/modules/exploits/windows/http/rejetto_hfs_exec.rb
- 39161
Official CVE References
View references (7)
- packetstormsecurity.com/files/128243/HttpFileServer-2.3.x-Remote-Command-Execution.html
- packetstormsecurity.com/files/135122/Rejetto-HTTP-File-Server-2.3.x-Remote-Code-Execution.html
- packetstormsecurity.com/files/160264/Rejetto-HttpFileServer-2.3.x-Remote-Command-Execution.html
- packetstormsecurity.com/files/161503/HFS-HTTP-File-Server-2.3.x-Remote-Code-Execution.html
- kb.cert.org/vuls/id/251276
- rapid7/metasploit-framework/pull/3793
- 39161