HTTP File Server versions 2.3a, 2.3b, and 2.3c suffer from a remote command execution vulnerability.