Back to KEVs

CVE-2014-6287

The findMacroMarker function in parserLib.pas in Rejetto HTTP File Server (aks HFS or HttpFileServer) 2.3x before 2.3c allows remote attackers to...

Basic Information

CVE State: PUBLISHED
Reserved Date: September 09, 2014
Published Date: October 07, 2014
Last Updated: February 10, 2025
Vendor: Rejetto
Product: HTTP File Server
Description: The findMacroMarker function in parserLib.pas in Rejetto HTTP File Server (aks HFS or HttpFileServer) 2.3x before 2.3c allows remote attackers to execute arbitrary programs via a %00 sequence in a search action.
Tags

CVSS Scores

CVSS v3.1

9.8 - CRITICAL

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS v2.0

10.0

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

SSVC Information

Exploitation: active
Automatable: Yes
Technical Impact: total

Exploit Status

Exploited in the Wild: Yes (2022-03-25 00:00:00 UTC) Source
Proof of Concept Available: Yes (added 2021-12-02 15:15:09 UTC) Source

References

http://www.kb.cert.org/vuls/id/251276 https://www.exploit-db.com/exploits/39161/ http://packetstormsecurity.com/files/128243/HttpFileServer-2.3.x-Remote-Command-Execution.html https://github.com/rapid7/metasploit-framework/pull/3793 http://packetstormsecurity.com/files/135122/Rejetto-HTTP-File-Server-2.3.x-Remote-Code-Execution.html http://packetstormsecurity.com/files/160264/Rejetto-HttpFileServer-2.3.x-Remote-Command-Execution.html http://packetstormsecurity.com/files/161503/HFS-HTTP-File-Server-2.3.x-Remote-Code-Execution.html

Known Exploited Vulnerability Information

Source	Added Date
CISA	2022-03-25 00:00:00 UTC

Scanner Integrations

Scanner	URL	Date Detected
Metasploit	https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/http/rejetto_hfs_exec.rb	2025-04-29 11:01:39 UTC
Nuclei	https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2014/CVE-2014-6287.yaml	2025-04-26 00:00:00 UTC

Potential Proof of Concepts

Warning: These PoCs have not been tested and could contain malware. Use at your own risk.

rejetto_hfs_exec

Type: metasploit • Created: Unknown

Metasploit module for CVE-2014-6287

10cks/CVE-2014-6287

Type: github • Created: 2024-06-12 06:08:19 UTC • Stars: 0

Rejetto http File Server 2.3.x (Reverse shell)

zhsh9/CVE-2014-6287

Type: github • Created: 2024-03-06 20:55:08 UTC • Stars: 0

Rejetto HTTP File Server (aks HFS or HttpFileServer) 2.3x before 2.3c

mrintern/thm_steelmountain_CVE-2014-6287

Type: github • Created: 2021-12-03 12:13:35 UTC • Stars: 1

a python3 version of the exploit written for CVE-2014-6287. Useful for completing the "Steel Mountain" room on TryHackMe.com without the use of metasploit.

wizardy0ga/THM-Steel_Mountain-CVE-2014-6287

Type: github • Created: 2021-12-02 15:15:09 UTC • Stars: 0

A write up on the Steel Mountain box from TryHackMe.com and exploit for CVE-2014-6287

Timeline

CVE ID Reserved

September 09, 2014
CVE Published to Public

October 07, 2014
Proof of Concept Exploit Available

December 02, 2021
Added to KEVIntel

March 25, 2022
Detected by Nuclei

April 26, 2025
Detected by Metasploit

April 29, 2025