Technical Severity
CRITICALCVSS v3.1 Metrics
9.8
/ 10
Minimal Risk
Critical
Vector Specification
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitation Likelihood
EPSS Prediction
99.32
%
Predictive Probability
Percentile Rank
99.9
th
Documented as more likely to be exploited than 99.9% of known CVEs.
Detection Date
Mar 25, 2022
Remediation Due
Apr 15, 2022
CISA Catalog Active
Threat Analysis
The findMacroMarker function in parserLib.pas in Rejetto HTTP File Server (HFS or HttpFileServer) allows remote attackers to execute arbitrary programs.
Remediation Directive
Apply updates per vendor instructions.