Share
## https://sploitus.com/exploit?id=0BE04993-F383-51FE-9C8D-B68EFE8E7474
# Unauthenticated RCE Flaw in Rejetto HTTP File Server (CVE-2024-23692) - exploit code

CVE-2024-23692 is a critical vulnerability in Rejetto HTTP File Server (HFS) version 2.3m, allowing unauthenticated remote code execution (RCE).

This flaw enables attackers to execute arbitrary code on the server, posing significant security risks. In this post, we examine Rejetto HFS, the affected versions, the impact of the vulnerability, and the timeline of its discovery and remediation.

## Usage
Exploit script:
```
python3 exploit.py <target_ip> <target_port> <cmd>

# Example:
python3 exploit.py 192.168.130.100 80 calc
```

Detection script:
```
python detect.py <target_ip> <target_port>
```

## Disclaimer
This exploit script has been created solely for research and the development of effective defensive techniques. It is not intended to be used for any malicious or unauthorized activities. The script's author and owner disclaim any responsibility or liability for any misuse or damage caused by this software. Just so you know, users are urged to use this software responsibly and only by applicable laws and regulations. Use responsibly.