overview
Two critical vulnerabilities have been found in Progress Software’s WS_FTP Server secure file transfer software. The vulnerabilities are being tracked as CVE-2023-40044 and CVE-2023-42657. The first vulnerability, CVE-2023-40044, has a CVSS score of 10 and allows attackers to execute remote commands following the successful exploitation of a .NET deserialization vulnerability within the Ad Hoc Transfer module. If successful, an attacker could ultimately gain control of a system.
The second vulnerability, CVE-2023-42657, is a directory traversal vulnerability with a CVSS score of 9.9. This bug could allow attackers to perform file operations (delete, rename, rmdir, mkdir) beyond the authorized WS_FTP folder path. Also, attackers could evade the context of the WS_FTP Server's file structure, allowing them to execute the same actions such as deleting, renaming, managing directories, and creating directories on the underlying operating system.
Progress Software has rated both vulnerabilities with a CVSS:3.1 rating, indicating that attackers can exploit them with low-complexity attacks that do not require user interaction. Progress Software has also patched six other less severe vulnerabilities within their software’s manager interface and Ad hoc Transfer Module. You may find more information on those vulnerabilities in their security bulletin.
Because thousands of IT teams across the world use the secure file transfer software, Avertium recommends that all users upgrade to the latest version of the WS_FTP Server software as soon as possible.
INDICATORS OF COMPROMISE (IoCs)
At this time, there are no known IoCs associated with CVE-2023-40044 and CVE-2023-42657. Avertium remains vigilant in locating IoCs for our customers. Should any be located, Avertium will disclose them as soon as possible. For more information on how Avertium can help protect your organization, please reach out to your Avertium Service Delivery Manager or Account Executive.SUPPORTING DOCUMENTATION