cpe:/a:rejetto:http_file_server:2.3b CVE-2014-6287 2014-10-07T06:55:04.493-04:00 2016-12-06T22:00:55.607-05:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2014-10-07T22:15:14.353-04:00 EXPLOIT-DB 39161 CERT-VN VU#251276 MISC http://packetstormsecurity.com/files/128243/HttpFileServer-2.3.x-Remote-Command-Execution.html MISC http://packetstormsecurity.com/files/135122/Rejetto-HTTP-File-Server-2.3.x-Remote-Code-Execution.html MISC https://github.com/rapid7/metasploit-framework/pull/3793 The findMacroMarker function in parserLib.pas in Rejetto HTTP File Server (aks HFS or HttpFileServer) 2.3x before 2.3c allows remote attackers to execute arbitrary programs via a %00 sequence in a search action.