Security News > 2023 > October > Critical vulnerability in WS_FTP Server exploited by attackers (CVE-2023-40044)
Progress Software, the company behind the recently hacked MOVEit file-sharing tool, has recently fixed two critical vulnerabilities in WS FTP Server, another popular secure file transfer solution.
CVE-2023-40044 is a.NET deserialization vulnerability that could allow an unauthenticated threat actor to execute remote commands on the underlying WS FTP Server operating system, and can be exploited via a HTTPS POST request.
CVE-2023-42657 is a directory traversal vulnerability that could allow a threat actor to perform file operations on files and folders outside of their authorized WS FTP folder path.
If updating is impossible, the risk of exploitation can be mitigated by removing or disabling the WS FTP Server Ad hoc Transfer Module.
NET deserialization issue that led to RCE. It's surprising that this bug has stayed alive for so long, with the vendor stating that most versions of WS FTP are vulnerable," explained Assetnote researchers, who discovered and reported the vulnerability.
Among them is also a reflected cross-site scripting vulnerability in the Ad Hoc Transfer module, which could be exploited to target WS FTP Server users with a specialized payload to execute malicious JavaScript within the context of the victim's browser.
News URL
https://www.helpnetsecurity.com/2023/10/02/cve-2023-40044/
Related news
- A critical vulnerability in Delinea Secret Server allows auth bypass, admin access (source)
- Critical Unpatched Ray AI Platform Vulnerability Exploited for Cryptocurrency Mining (source)
- AI framework vulnerability is being used to compromise enterprise servers (CVE-2023-48022) (source)
- New HTTP/2 Vulnerability Exposes Web Servers to DoS Attacks (source)
- Critical 'BatBadBut' Rust Vulnerability Exposes Windows Systems to Attacks (source)
- Fortinet Rolls Out Critical Security Patches for FortiClientLinux Vulnerability (source)
- PoC for critical Progress Flowmon vulnerability released (CVE-2024-2389) (source)
- Over 50,000 Tinyproxy servers vulnerable to critical RCE flaw (source)
- Critical Git vulnerability allows RCE when cloning repositories with submodules (CVE-2024-32002) (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-09-27 | CVE-2023-42657 | Path Traversal vulnerability in Progress WS FTP Server In WS_FTP Server versions prior to 8.7.4 and 8.8.2, a directory traversal vulnerability was discovered. An attacker could leverage this vulnerability to perform file operations (delete, rename, rmdir, mkdir) on files and folders outside of their authorized WS_FTP folder path. Attackers could also escape the context of the WS_FTP Server file structure and perform the same level of operations (delete, rename, rmdir, mkdir) on file and folder locations on the underlying operating system. | 9.6 |
2023-09-27 | CVE-2023-40044 | Deserialization of Untrusted Data vulnerability in Progress WS FTP Server In WS_FTP Server versions prior to 8.7.4 and 8.8.2, a pre-authenticated attacker could leverage a .NET deserialization vulnerability in the Ad Hoc Transfer module to execute remote commands on the underlying WS_FTP Server operating system. | 8.8 |