Add PoC exploit for CVE-2024-23692 - Githubissues

ronin-rb / community-pocs

A repository of PoCs for ronin-exploits

https://ronin-rb.dev

GNU General Public License v3.0

0 stars 2 forks source link

Add PoC exploit for CVE-2024-23692 #50

Open postmodern opened 2 months ago

postmodern commented 2 months ago

Add a PoC exploit for CVE-2024-23692, SSTI in Rejetto HTTP File Server that leads to command execution.

Reference PoCs

https://github.com/0x20c/CVE-2024-23692-EXP (nuclei template)
https://github.com/jakabakos/CVE-2024-23692-RCE-in-Rejetto-HFS (includes detection script)
https://github.com/WanLiChangChengWanLiChang/CVE-2024-23692-RCE/blob/main/hfs.go#L63
https://github.com/k3lpi3b4nsh33/CVE-2024-23692/blob/main/CVE-2024-23692.py#L17 (command is ipconfig)

Vuln App

N/A

How to Submit a PoC

See the CONTRIBUTING file for instructions on how to submit a PoC exploit.