WS_FTP Server Vulnerabilities Alert

Progress Software has released a security advisory on September 27, 2023, regarding several vulnerabilities in the WS_FTP Server, a secure file transfer tool. Two of these are critical: CVE-2023-40044 and CVE-2023-42657. Notably, the .NET deserialization vulnerability (CVE-2023-40044) can be exploited with a single HTTPS POST request.

By September 30, Rapid7 identified numerous real-world exploitations of WS_FTP. The company strongly recommends users upgrade to WS_FTP Server 8.8.2, the most recent version. Instructions for the upgrade and disabling the Ad Hoc Transfer module can be found in the vendor's advisory.

The critical vulnerabilities include:

1. CVE-2023-40044: Existing in versions before 8.7.4 and 8.8.2, this vulnerability impacts the Ad Hoc Transfer module. It allows attackers to execute remote commands. Only installations with this module are at risk.
2. CVE-2023-42657: Versions prior to 8.7.4 and 8.8.2 are exposed to a directory traversal vulnerability, enabling attackers to manipulate files outside their authorized folder path.

Other significant vulnerabilities encompass:

• CVE-2023-40045: Reflected cross-site scripting (XSS) in the Ad Hoc Transfer module.
• CVE-2023-40046: SQL injection risk in the server manager interface.
• CVE-2023-40047: Stored XSS in the Server Management module.
• CVE-2023-40048: Absence of cross-site request forgery (CSRF) protection.
• CVE-2023-40049: Unauthorized user file enumeration.
• CVE-2022-27665: Reflected XSS vulnerability in WS_FTP Server 8.6.0.

Post the Cl0p ransomware group's attack in May 2023 on MOVEit Transfer, Progress Software's advisories have gained significant attention.

Given the potential risks, users are advised to upgrade without awaiting standard patch cycles. Only a complete installation upgrade can address this issue, necessitating a temporary system outage. If updating isn't feasible, consider disabling the Ad Hoc Transfer module.

About this post

Posted: 2023-10-03
By: dwirch
Viewed: 264 times

Categories

Security

News

Attachments

No attachments for this post

Comments

No comments have been added for this post.

Sorry. Comments are frozen for this article. If you have a question or comment that relates to this article, please post it in the appropriate forum.