Rejetto · Rejetto Http File Server · CVE-2014-6287
**Name of the Vulnerable Software and Affected Versions**
Rejetto HTTP File Server versions 2.3x prior to 2.3c
**Description**
The issue allows remote attackers to execute arbitrary programs via a %00 sequence in a search action. This is due to a problem in the findMacroMarker function in parserLib.pas.
**Recommendations**
For versions 2.3x prior to 2.3c, update to version 2.3c or later to resolve the issue. As a temporary workaround, consider restricting access to the search action to minimize the risk of exploitation.