Friday, January 24, 2025
HomeCyber Security NewsProgress Software Warns of Critical Vulnerability in WS_FTP Server

Progress Software Warns of Critical Vulnerability in WS_FTP Server

Published on

SIEM as a Service

Follow Us on Google News

Multiple vulnerabilities have been discovered in Progress’s WS_FTP, which include .NET deserialization, directory traversal, reflected cross-site scripting (XSS), SQL injection, stored cross-site scripting, cross-site request forgery, and unauthenticated user enumeration vulnerability.

These vulnerabilities’ severities range from 5.3 (Medium) to 10.0 (Critical). However, Progress has released patches for fixing these vulnerabilities in the WS_FTP server. 

Moreover, the MOVEit file transfer application, which was one of the most exploited applications by threat actors, is also owned by Progress.

Document
FREE Demo

Deploy Advanced AI-Powered Email Security Solution

Implementing AI-Powered Email security solutions “Trustifi” can secure your business from today’s most dangerous email threats, such as Email Tracking, Blocking, Modifying, Phishing, Account Take Over, Business Email Compromise, Malware & Ransomware

Technical Analysis

The most critical vulnerabilities were CVE-2023-40044 and CVE-2023-42657. CVE-2023-40044 was a .NET deserialization vulnerability that an attacker could exploit to execute remote commands on the WS_FTP Server operating system. This vulnerability had a severity of 10.0 (Critical).

CVE-2023-42657 was associated with a directory traversal vulnerability which threat actors can use to perform file operations like delete, rename, rmdir, mkdir on files and folders outside of the WS_FTP folder path.

High Severity Vulnerabilities

In addition to this, three high-severity vulnerabilities were discovered on the WS_FTP server, which were CVE-2023-40045, CVE-2023-40046, and CVE-2023-40047. CVE-2023-40045 and CVE-2023-40047 had a severity score of 8.3 (High) and were related to reflected cross-site scripting and stored reflected cross-site scripting.

CVE-2023-40046 was linked with a SQL injection vulnerability that threat actors can use for gathering information about the structure and contents of the SQL database. This vulnerability can also be used to execute SQL for altering or deleting the database elements. 

Medium Severity Vulnerabilities

As for the Medium severity vulnerabilities, CVE-2023-40048 (CSRF – 6.8 (Medium)), CVE-2023-27665 (Reflected XSS – 6.1 (Medium)) and CVE-2023-40049 (Unauthenticated user enumeration) were discovered.

A security advisory has been published by Progress, which provides detailed information about these vulnerabilities. 

Fixed in Version

Fixed VersionDocumentationRelease Notes
WS_FTP Server 2020.0.4 (8.7.4)Upgrade DocumentationWS_FTP Server 2020
WS_FTP Server 2022.0.2 (8.8.2)Upgrade DocumentationWS_FTP Server 2022

Users of the Progress WS_FTP server are recommended to upgrade to the latest version, 8.8.2 in order to fix these vulnerabilities from getting exploited by threat actors.

Protect yourself from vulnerabilities using Patch Manager Plus to quickly patch over 850 third-party applications. Take advantage of the free trial to ensure 100% security.

Eswar
Eswar
Eswar is a Cyber security content editor with a passion for creating captivating and informative content. With years of experience under his belt in Cyber Security, he is covering Cyber Security News, technology and other news.

Latest articles

Subaru’s STARLINK Connected Car’s Vulnerability Let Attackers Gain Restricted Access

In a groundbreaking discovery on November 20, 2024, cybersecurity researchers Shubham Shah and a...

Android Kiosk Tablets Vulnerability Let Attackers Control AC & Lights

A security flaw found in Android-based kiosk tablets at luxury hotels has exposed a...

CISA Releases Six ICS Advisories Details Security Issues

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued six Industrial Control Systems (ICS)...

Juniper Routers Exploited via Magic Packet Vulnerability to Deploy Custom Backdoor

A sophisticated cyber campaign dubbed "J-magic" has been discovered targeting enterprise-grade Juniper routers with...

API Security Webinar

Free Webinar - DevSecOps Hacks

By embedding security into your CI/CD workflows, you can shift left, streamline your DevSecOps processes, and release secure applications faster—all while saving time and resources.

In this webinar, join Phani Deepak Akella ( VP of Marketing ) and Karthik Krishnamoorthy (CTO), Indusface as they explores best practices for integrating application security into your CI/CD workflows using tools like Jenkins and Jira.

Discussion points

Automate security scans as part of the CI/CD pipeline.
Get real-time, actionable insights into vulnerabilities.
Prioritize and track fixes directly in Jira, enhancing collaboration.
Reduce risks and costs by addressing vulnerabilities pre-production.

More like this

Subaru’s STARLINK Connected Car’s Vulnerability Let Attackers Gain Restricted Access

In a groundbreaking discovery on November 20, 2024, cybersecurity researchers Shubham Shah and a...

Android Kiosk Tablets Vulnerability Let Attackers Control AC & Lights

A security flaw found in Android-based kiosk tablets at luxury hotels has exposed a...

CISA Releases Six ICS Advisories Details Security Issues

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued six Industrial Control Systems (ICS)...