Exploitation Summary
CVE-2014-6287 is actively exploited and listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, added March 25, 2022.
EIP tracks 22 public exploits from researchers including Avinash Thapa, Metasploit, Daniele Linguaglossa, including a Metasploit module exploits/windows/http/rejetto_hfs_exec.
A Nuclei detection template is also available.
AI-analyzed exploit summary This exploit targets a remote command execution vulnerability in HttpFileServer 2.3.x by leveraging a search query injection to execute arbitrary commands. It downloads and executes a netcat binary to establish a reverse shell.
Description
The findMacroMarker function in parserLib.pas in Rejetto HTTP File Server (aks HFS or HttpFileServer) 2.3x before 2.3c allows remote attackers to execute arbitrary programs via a %00 sequence in a search action.
Exploits (22)
This exploit targets a remote command execution vulnerability in HttpFileServer 2.3.x by leveraging a search query injection to execute arbitrary commands. It downloads and executes a netcat binary to establish a reverse shell.
This Metasploit module exploits a remote command execution vulnerability in Rejetto HttpFileServer (HFS) by bypassing a poor regex filter using '%00' to inject malicious scripting commands. It delivers a VBS payload via HTTP and executes it on the target system.
This exploit leverages a regex bypass in HttpFileServer 2.3.x via a null byte injection, allowing remote command execution through the `{.exec|cmd.}` macro. The vulnerability arises from improper handling of null bytes in the `ParserLib.pas` regex pattern.
This exploit leverages a remote command execution vulnerability in Rejetto HttpFileServer 2.3.x by injecting a malicious search parameter. The payload is executed via the `exec` function in the HFS template engine.
This is a functional exploit for CVE-2014-6287, targeting Rejetto HTTP File Server (HFS) 2.3.x. It leverages a remote command execution vulnerability by crafting a malicious search query to execute a PowerShell reverse shell payload.
This Python script exploits CVE-2014-6287 in Rejetto HFS 2.3.x by sending a crafted HTTP request with a PowerShell reverse shell payload. It uses threading to simultaneously trigger the exploit and start a netcat listener for the reverse shell.
This is a Python 3 exploit for CVE-2014-6287, targeting HttpFileServer 2.3.x. It leverages a remote command execution vulnerability by crafting malicious search queries to download and execute a reverse shell payload.
This repository provides a detailed technical walkthrough of exploiting CVE-2014-6287 in Rejetto HTTP File Server 2.3, including reconnaissance, vulnerability identification, and privilege escalation steps using Metasploit and WinPEAS.
This PoC exploits CVE-2014-6287, a remote code execution vulnerability in Rejetto HTTP File Server (HFS) via macro injection. It sends a crafted HTTP request with a PowerShell reverse shell payload encoded in Base64 to the target.
This is a Python 3 rewrite of the CVE-2014-6287 exploit targeting Rejetto HTTP File Server (HFS) v2.3.x, enabling remote command execution via VBScript payloads and a reverse shell using nc.exe.
This is a Rust-based exploit for CVE-2014-6287, targeting Rejetto HTTP File Server (HFS) versions 2.3x before 2.3c. It leverages a null byte injection in the search function to execute arbitrary PowerShell commands, resulting in a reverse shell.
This exploit targets CVE-2014-6287 in Rejetto HTTP File Server 2.3.x, leveraging a remote command execution vulnerability via crafted search parameters. It delivers a VBScript payload to download and execute a reverse shell using Netcat.
This repository contains a functional Python exploit for CVE-2014-6287, targeting Rejetto HttpFileServer 2.3.x. The exploit abuses the search functionality to inject a crafted payload, enabling remote command execution via a GET request with a malformed search parameter.
This is a functional Python exploit for CVE-2014-6287, targeting Rejetto HttpFileServer 2.3.x. It leverages a command injection vulnerability in the search functionality to execute arbitrary commands on the target system.
This is a Python-based exploit for CVE-2014-6287, targeting HTTP File Server (HFS) 2.3.x. It executes arbitrary PowerShell commands via a reverse shell by leveraging a command injection vulnerability in the search parameter.
This repository contains a functional Python exploit for CVE-2014-6287, a blind remote command execution vulnerability in Rejetto HTTP File Server (HFS) 2.3.x. The exploit crafts a malicious HTTP request with a payload embedded in the 'search' parameter to execute arbitrary commands on the target system.
This is a Python3 exploit for CVE-2014-6287, targeting HttpFileServer 2.3.x. It leverages a remote command execution vulnerability by sending crafted HTTP requests to download and execute a reverse shell payload via SMB.
This repository contains a functional exploit for CVE-2014-6287, targeting Rejetto HTTP File Server 2.3.x. The exploit leverages a command injection vulnerability via the search parameter to execute a PowerShell reverse shell payload, with both Python and Bash scripts provided for execution.
This exploit targets CVE-2014-6287 in HttpFileServer 2.3.x, leveraging a remote command execution vulnerability via crafted search parameters. It downloads and executes a reverse shell payload (nc.exe) on the target system.
This repository contains a writeup and a Python-based exploit for CVE-2014-6287, a remote code execution vulnerability in Rejetto HTTP File Server (HFS) 2.3. The exploit leverages a null-byte injection in the search parameter to execute arbitrary commands.
This Metasploit module exploits a remote command execution vulnerability in Rejetto HttpFileServer (HFS) by bypassing a poor regex filter using '%00'. It leverages HFS scripting commands to save and execute a malicious VBScript payload, achieving RCE on vulnerable versions (≤ 2.3).
Nuclei Templates (1)
http.favicon.hash:2124459909
icon_hash=2124459909
References (8)
Scores
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H