CVE-2024-23692

Rejetto HTTP File Server contains an improper neutralization of special elements used in a template engine vulnerability. This allows a remote, unauthenticated attacker to execute commands on the affected system by sending a specially crafted HTTP request. Vendor/Product: Rejetto HTTP File Server. Added to CISA KEV 2024-07-09; required action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.