1. Home
  2. Mapping Frameworks
  3. Known Exploited Vulnerabilities Home
  4. Rejetto HTTP File Server Improper Neutralization of Special Elements Used in a Template Engine Vulnerability

Known Exploited Vulnerabilities CVE-2024-23692 Mappings

Rejetto HTTP File Server, up to and including version 2.3m, is vulnerable to a template injection vulnerability. This vulnerability allows a remote, unauthenticated attacker to execute arbitrary commands on the affected system by sending a specially crafted HTTP request. As of the CVE assignment date, Rejetto HFS 2.3m is no longer supported.

Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name Notes
CVE-2024-23692 Rejetto HTTP File Server Improper Neutralization of Special Elements Used in a Template Engine Vulnerability secondary_impact T1005 Data from Local System
Comments
CVE-2024-23692 is a OS command injection vulnerability within the HTTP File Server (HFS) process for Rejetto. It has been reported to be exploited by threat actors to deploy cryptomining malware, install backdoors, Remote Access Trojans (RATs), and other malware like “GoThief” to exfiltrate sensitive data.
References
  1. https://mohemiv.com/all/rejetto-http-file-server-2-3m-unauthenticated-rce/
  2. https://thehackernews.com/2024/07/ukrainian-institutions-targeted-using.html
  3. https://www.bleepingcomputer.com/news/security/hackers-attack-hfs-servers-to-drop-malware-and-monero-miners/
  4. https://socradar.io/critical-http-file-server-vulnerability-cve-2024-23692-actively-exploited-to-deploy-cryptomining-malware-rats-stealers/
CVE-2024-23692 Rejetto HTTP File Server Improper Neutralization of Special Elements Used in a Template Engine Vulnerability secondary_impact T1496 Resource Hijacking
Comments
CVE-2024-23692 is a OS command injection vulnerability within the HTTP File Server (HFS) process for Rejetto. It has been reported to be exploited by threat actors to deploy cryptomining malware, install backdoors, Remote Access Trojans (RATs), and other malware like “GoThief” to exfiltrate sensitive data.
References
  1. https://mohemiv.com/all/rejetto-http-file-server-2-3m-unauthenticated-rce/
  2. https://thehackernews.com/2024/07/ukrainian-institutions-targeted-using.html
  3. https://www.bleepingcomputer.com/news/security/hackers-attack-hfs-servers-to-drop-malware-and-monero-miners/
  4. https://socradar.io/critical-http-file-server-vulnerability-cve-2024-23692-actively-exploited-to-deploy-cryptomining-malware-rats-stealers/
CVE-2024-23692 Rejetto HTTP File Server Improper Neutralization of Special Elements Used in a Template Engine Vulnerability secondary_impact T1105 Ingress Tool Transfer
Comments
CVE-2024-23692 is a OS command injection vulnerability within the HTTP File Server (HFS) process for Rejetto. It has been reported to be exploited by threat actors to deploy cryptomining malware, install backdoors, Remote Access Trojans (RATs), and other malware like “GoThief” to exfiltrate sensitive data.
References
  1. https://mohemiv.com/all/rejetto-http-file-server-2-3m-unauthenticated-rce/
  2. https://thehackernews.com/2024/07/ukrainian-institutions-targeted-using.html
  3. https://www.bleepingcomputer.com/news/security/hackers-attack-hfs-servers-to-drop-malware-and-monero-miners/
  4. https://socradar.io/critical-http-file-server-vulnerability-cve-2024-23692-actively-exploited-to-deploy-cryptomining-malware-rats-stealers/
CVE-2024-23692 Rejetto HTTP File Server Improper Neutralization of Special Elements Used in a Template Engine Vulnerability primary_impact T1082 System Information Discovery
Comments
CVE-2024-23692 is a OS command injection vulnerability within the HTTP File Server (HFS) process for Rejetto. It has been reported to be exploited by threat actors to deploy cryptomining malware, install backdoors, Remote Access Trojans (RATs), and other malware like “GoThief” to exfiltrate sensitive data.
References
  1. https://mohemiv.com/all/rejetto-http-file-server-2-3m-unauthenticated-rce/
  2. https://thehackernews.com/2024/07/ukrainian-institutions-targeted-using.html
  3. https://www.bleepingcomputer.com/news/security/hackers-attack-hfs-servers-to-drop-malware-and-monero-miners/
  4. https://socradar.io/critical-http-file-server-vulnerability-cve-2024-23692-actively-exploited-to-deploy-cryptomining-malware-rats-stealers/
CVE-2024-23692 Rejetto HTTP File Server Improper Neutralization of Special Elements Used in a Template Engine Vulnerability exploitation_technique T1221 Template Injection
Comments
CVE-2024-23692 is a OS command injection vulnerability within the HTTP File Server (HFS) process for Rejetto. It has been reported to be exploited by threat actors to deploy cryptomining malware, install backdoors, Remote Access Trojans (RATs), and other malware like “GoThief” to exfiltrate sensitive data.
References
  1. https://mohemiv.com/all/rejetto-http-file-server-2-3m-unauthenticated-rce/
  2. https://thehackernews.com/2024/07/ukrainian-institutions-targeted-using.html
  3. https://www.bleepingcomputer.com/news/security/hackers-attack-hfs-servers-to-drop-malware-and-monero-miners/
  4. https://socradar.io/critical-http-file-server-vulnerability-cve-2024-23692-actively-exploited-to-deploy-cryptomining-malware-rats-stealers/