← ExploitWatch
HomeExploited Vulnerabilities

CVE-2024-23692 — Actively Exploited: HTTP File Server (Rejetto)

Rejetto HTTP File Server contains an improper neutralization of special elements used in a template engine vulnerability. This allows a remote, unauthenticated attacker to execute commands on the affected system by sending a specially crafted HTTP request.

CVE IDCVE-2024-23692
VendorRejetto
ProductHTTP File Server
Vulnerability nameRejetto HTTP File Server Improper Neutralization of Special Elements Used in a Template Engine Vulne
Date added2024-07-09
Remediation due2024-07-30
Known ransomware useUnknown
Required actionApply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
DescriptionRejetto HTTP File Server contains an improper neutralization of special elements used in a template engine vulnerability. This allows a remote, unauthenticated attacker to execute commands on the affected system by sending a specially crafted HTTP request.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →