Rejetto Http File Server

By the Year

In 2026 there have been 0 vulnerabilities in Rejetto Http File Server. Http File Server did not have any published security vulnerabilities last year.

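| Year | Vulnerabilities | Average Score |
|------|-----------------|---------------|
| 2026 | 0 | 0.00 |
| 2025 | 0 | 0.00 |
| 2024 | 2 | 9.30 |
| 2023 | 0 | 0.00 |
| 2022 | 0 | 0.00 |
| 2021 | 0 | 0.00 |
| 2020 | 1 | 7.50 |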

It may take a day or so for new Http File Server vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally, vulnerabilities may be tagged under a different product or component name.

Recent Rejetto Http File Server Security Vulnerabilities

Rejetto HFS 3 <0.52.10: Remote Auth Upload OS Command Exec (Node.js)
CVE-2024-39943 8.8 - High - July 04, 2024

rejetto HFS (aka HTTP File Server) 3 before 0.52.10 on Linux, UNIX, and macOS allows OS command execution by remote authenticated users (if they have Upload permissions). This occurs because a shell is used to execute df (i.e., with execSync instead of spawnSync in child_process in Node.js).

Shell injection

Remote Template Injection in Rejetto HFS 2.3m (Arbitrary CMD Exec)
CVE-2024-23692 9.8 - Critical - May 31, 2024

Rejetto HTTP File Server, up to and including version 2.3m, is vulnerable to a template injection vulnerability. This vulnerability allows a remote, unauthenticated attacker to execute arbitrary commands on the affected system by sending a specially crafted HTTP request. As of the CVE assignment date, Rejetto HFS 2.3m is no longer supported.

CWE-1336

rejetto HFS (aka HTTP File Server) v2.3m Build #300, when virtual files or folders are used
CVE-2020-13432 7.5 - High - June 08, 2020

rejetto HFS (aka HTTP File Server) v2.3m Build #300, when virtual files or folders are used, allows remote attackers to trigger an invalid-pointer write access violation via concurrent HTTP requests with a long URI or long HTTP headers.

Classic Buffer Overflow

The findMacroMarker function in parserLib.pas in Rejetto HTTP File Server (aka HFS or HttpFileServer) 2.3x before 2.3c
CVE-2014-6287 9.8 - Critical - October 07, 2014

The findMacroMarker function in parserLib.pas in Rejetto HTTP File Server (aka HFS or HttpFileServer) 2.3x before 2.3c allows remote attackers to execute arbitrary programs via a %00 sequence in a search action.

Code Injection
