Arbitrary Code Execution via Invalid UTF-8 Byte Sequences in Rejetto HTTP File Server (HFS) 2.3c and Earlier
CVE-2014-7226 · HIGH Severity
AV:N/AC:L/AU:N/C:P/I:P/A:P
The file comment feature in Rejetto HTTP File Server (hfs) 2.3c and earlier allows remote attackers to execute arbitrary code by uploading a file with certain invalid UTF-8 byte sequences that are interpreted as executable macro symbols.
Learn more about our Cis Benchmark Audit For Server Software.