1. Executive Summary

A remote code execution (RCE) vulnerability, colloquially dubbed “RoughMan Injection”, was discovered in the legacy file‑sharing platform RapidShare 1. The flaw allowed an attacker to inject arbitrary server‑side script payloads through specially crafted HTTP requests, bypassing authentication and achieving execution under the web‑application’s privileges. The issue was disclosed to the vendor in early 2024 and a full patch (v1.0.3) was released on 30 March 2024. All public instances of RapidShare 1 have been advised to upgrade immediately.

2. Affected Component

| Component | Version(s) | Deployment | Entry Point |
|-----------|------------|------------|-------------|
| RapidShare 1 – Web front‑end (PHP) | 1.0.0 – 1.0.2 | On‑premise & legacy hosted SaaS | `upload.php`, `share.php`, `download.php` (any endpoint that processes the `filename` or `metadata` GET/POST parameters) |