exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 2

CVE-2024-39943

больше 1 года назад

rejetto HFS (aka HTTP File Server) 3 before 0.52.10 on Linux, UNIX, and macOS allows OS command execution by remote authenticated users (if they have Upload permissions). This occurs because a shell is used to execute df (i.e., with execSync instead of spawnSync in child_process in Node.js).

CVSS3: 9.9

EPSS: Высокий

GHSA-5f4x-hwv2-w9w2

больше 1 года назад

rejetto HFS vulnerable to OS Command Execution by remote authenticated users

CVSS3: 9.9

EPSS: Высокий

Уязвимостей на страницу

	Уязвимость	CVSS	EPSS	Опубликовано
	CVE-2024-39943 rejetto HFS (aka HTTP File Server) 3 before 0.52.10 on Linux, UNIX, and macOS allows OS command execution by remote authenticated users (if they have Upload permissions). This occurs because a shell is used to execute df (i.e., with execSync instead of spawnSync in child_process in Node.js).	CVSS3: 9.9	78% Высокий	больше 1 года назад
	GHSA-5f4x-hwv2-w9w2 rejetto HFS vulnerable to OS Command Execution by remote authenticated users	CVSS3: 9.9	78% Высокий	больше 1 года назад

Уязвимостей на страницу