Today we have released a brand new lab related to CVE-2024-23692
A critical vulnerability affecting the Rejetto HTTP Server surfaced in May 2024 and has been exploited in the wild. Tracked as CVE-2024-23692, the vulnerability allows attackers to execute arbitrary code on the victim machine by leveraging template injection against a vulnerable HTTP server.
CVE-2024-23692 (Rejetto HFS Template Injection) – Offensive
In this lab, you'll exploit the vulnerability to achieve template injection via cross-site scripting (XSS) and enumerate the system.
Cyber Pro licensed users can access the new lab here.
CVE-2024-23692 (Rejetto HFS Template Injection) – Defensive
In this lab, you'll review access logs from this server to identify indicators of compromise and the HTTP GET request pattern used to exploit the vulnerability.
Cyber Pro licensed users can access the new lab here.
Immerser