Rejetto HTTP File Server (HFS) 2.2/2.3 - Arbitrary File Upload

EDB-ID:

30850

CVE:

N/A




Platform:

Multiple

Date:

2007-12-05


Become a Certified Penetration Tester

Enroll in Penetration Testing with Kali Linux , the course required to become an Offensive Security Certified Professional (OSCP)

GET CERTIFIED

source: https://www.securityfocus.com/bid/26732/info

HFS HTTP File Server is prone to a vulnerability that lets attackers upload files and place them in arbitrary locations on the server. The issue occurs because the software fails to adequately sanitize user-supplied input.

A successful exploit may allow the attacker to upload malicious files and potentially execute them; this may lead to various attacks.

This issue affects versions prior to HTTP File Server 2.2b.

https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/30850.zip