CVE-2020-13432

Name of the Vulnerable Software and Affected Versions rejetto HFS (aka HTTP File Server) version 2.3m Build #300

Description The issue allows remote attackers to trigger an invalid-pointer write access violation via concurrent HTTP requests with a long URI or long HTTP headers when virtual files or folders are used.

Recommendations For rejetto HFS (aka HTTP File Server) version 2.3m Build #300, consider disabling the use of virtual files or folders as a temporary workaround until a patch is available. Restrict access to the server to minimize the risk of exploitation by limiting concurrent HTTP requests.