Detects and mitigates rejetto hfs spray-and-pray ransomware/trojan campaign

Intel Name: Detects and mitigates rejetto hfs spray-and-pray ransomware/trojan campaign

Date of Scan: August 11, 2025

Impact: Medium

Summary:
On July 19, researchers detected a surge of HTTP probes aimed at Rejetto HTTP File Server (HFS) 2.x systems, revealing a coordinated spray‑and‑pray campaign exploiting a critical unauthenticated server‑side template injection (SSTI) vulnerability (CVE‑2024‑23692, CVSS 9.8) that permits arbitrary command execution via a single crafted request.

More Details