
WS_FTP Server Vulnerabilities Alert

Progress Software has released a security advisory on September 27, 2023, regarding several vulnerabilities in the WS_FTP Server, a secure file transfer tool. Two of these are critical: CVE-2023-40044 and CVE-2023-42657. Notably, the .NET deserialization vulnerability (CVE-2023-40044) can be exploited with a single HTTPS POST request.

By September 30, Rapid7 identified numerous real-world exploitations of WS_FTP. The company strongly recommends users upgrade to WS_FTP Server 8.8.2, the most recent version. Instructions for the upgrade and disabling the Ad Hoc Transfer module can be found in the vendor's advisory.

The critical vulnerabilities include:

  1. CVE-2023-40044: Existing in versions before 8.7.4 and 8.8.2, this vulnerability impacts the Ad Hoc Transfer module. It allows attackers to execute remote commands. Only installations with this module are at risk.
  2. CVE-2023-42657: Versions prior to 8.7.4 and 8.8.2 are exposed to a directory traversal vulnerability, enabling attackers to manipulate files outside their authorized folder path.
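Turning the affected-version and module conditions above into a triage check, as an added example (not code from the advisory or from Progress Software): it compares a reported WS_FTP Server version against the branch-specific fixed releases 8.7.4 and 8.8.2, then attributes each CVE according to whether the Ad Hoc Transfer module is installed. The inventory and host names are constructed for illustration.

```python
from dataclasses import dataclass

# Fixed releases named in the advisory: 8.7.4 (8.7 branch) and 8.8.2 (8.8 branch).
FIXED_87 = (8, 7, 4)
FIXED_88 = (8, 8, 2)

def parse_version(text: str) -> tuple[int, ...]:
    """Turn '8.7.3' into (8, 7, 3) so versions compare numerically, not lexically."""
    parts = tuple(int(p) for p in text.strip().split("."))
    if len(parts) < 3:
        parts = parts + (0,) * (3 - len(parts))
    return parts

def is_unpatched(version: str) -> bool:
    """True if this WS_FTP Server build predates the fixed release on its branch."""
    v = parse_version(version)
    if v < FIXED_87:
        return True                      # every build below 8.7.4 (8.6.x, 8.7.0-8.7.3)
    return (8, 8, 0) <= v < FIXED_88     # 8.8.0 and 8.8.1 only

@dataclass
class Host:
    name: str
    version: str
    ad_hoc_transfer: bool   # Ad Hoc Transfer module installed?

def triage(hosts: list[Host]) -> dict[str, list[str]]:
    """Map each host to the CVEs it is exposed to (empty list = nothing to do)."""
    findings = {}
    for h in hosts:
        cves = []
        if is_unpatched(h.version):
            cves.append("CVE-2023-42657")      # directory traversal: every unpatched install
            if h.ad_hoc_transfer:
                cves.append("CVE-2023-40044")  # deserialization: only with Ad Hoc Transfer
        findings[h.name] = cves
    return findings

# Constructed sample inventory (hypothetical hosts, not real systems)
SAMPLE_INVENTORY = [
    Host("ftp-01", "8.7.3", ad_hoc_transfer=True),
    Host("ftp-02", "8.8.1", ad_hoc_transfer=False),
    Host("ftp-03", "8.8.2", ad_hoc_transfer=True),
    Host("ftp-04", "8.7.4", ad_hoc_transfer=True),
]

if __name__ == "__main__":
    for host, cves in triage(SAMPLE_INVENTORY).items():
        print(host, "->", ", ".join(cves) or "patched")
```

Feed it the versions reported by your own asset inventory; a host that is unpatched but has the module disabled still needs the upgrade for CVE-2023-42657.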

Other significant vulnerabilities encompass:

Since the Cl0p ransomware group's attack on MOVEit Transfer in May 2023, Progress Software's advisories have drawn significant attention.

Given the potential risks, users are advised to upgrade without awaiting standard patch cycles. Only a complete installation upgrade can address this issue, necessitating a temporary system outage. If updating isn't feasible, consider disabling the Ad Hoc Transfer module.

About this post

Posted: 2023-10-03
By: dwirch
Viewed: 232 times
