WS_FTP Server Vulnerabilities Alert
No attachments for this post
Progress Software has released a security advisory on September 27, 2023, regarding several vulnerabilities in the WS_FTP Server, a secure file transfer tool. Two of these are critical: CVE-2023-40044 and CVE-2023-42657. Notably, the .NET deserialization vulnerability (CVE-2023-40044) can be exploited with a single HTTPS POST request.
By September 30, Rapid7 identified numerous real-world exploitations of WS_FTP. The company strongly recommends users upgrade to WS_FTP Server 8.8.2, the most recent version. Instructions for the upgrade and disabling the Ad Hoc Transfer module can be found in the vendor's advisory.
The critical vulnerabilities include:
- CVE-2023-40044: Existing in versions before 8.7.4 and 8.8.2, this vulnerability impacts the Ad Hoc Transfer module. It allows attackers to execute remote commands. Only installations with this module are at risk.
- CVE-2023-42657: Versions prior to 8.7.4 and 8.8.2 are exposed to a directory traversal vulnerability, enabling attackers to manipulate files outside their authorized folder path.
Other significant vulnerabilities encompass:
- CVE-2023-40045: Reflected cross-site scripting (XSS) in the Ad Hoc Transfer module.
- CVE-2023-40046: SQL injection risk in the server manager interface.
- CVE-2023-40047: Stored XSS in the Server Management module.
- CVE-2023-40048: Absence of cross-site request forgery (CSRF) protection.
- CVE-2023-40049: Unauthorized user file enumeration.
- CVE-2022-27665: Reflected XSS vulnerability in WS_FTP Server 8.6.0.
Post the Cl0p ransomware group's attack in May 2023 on MOVEit Transfer, Progress Software's advisories have gained significant attention.
Given the potential risks, users are advised to upgrade without awaiting standard patch cycles. Only a complete installation upgrade can address this issue, necessitating a temporary system outage. If updating isn't feasible, consider disabling the Ad Hoc Transfer module.
Comments on this post
No comments have been added for this post.
You must be logged in to make a comment.