| Progress Software released information regarding multiple vulnerabilities, several critical, in their WS_FTP Server software. These flaws were discovered in the WS_FTP Server Ad hoc Transfer Module and the WS_FTP Server manager interface. |
| The most critical of the vulnerabilities is CVE-2023-40044, which has the highest severity rating of 10/10, and affects WS_FTP Server versions prior to 8.7.4 and 8.8.2. If exploited, a pre-authenticated threat actor could leverage a .NET deserialization vulnerability in the Ad Hoc Transfer module to execute remote commands on the underlying WS_FTP Server operating system. Proof-of-concept exploit code for CVE-2023-40044 is publicly available. |
| Additionally, CVE-2023-42657, which has a severity rating of 9.9/10, is a directory traversal vulnerability affecting WS_FTP Server versions prior to 8.7.4 and 8.8.2. An attacker could leverage this vulnerability to perform file operations on files and folders outside of their authorized WS_FTP folder path. Threat actors could also escape the context of the WS_FTP Server file structure and perform the same level of operations on file and folder locations on the underlying operating system. |
| According to Rapid7, attempts to exploit the disclosed WS_FTP vulnerabilities were observed in multiple customer environments. They provide indicators of compromise, process execution chains, and other technical details in their blog post. A full write-up of CVE-2023-40044 was also published by Assetnote. |