| Reporter | Title | Published | Views | Family All 27 |
|---|---|---|---|---|
| Progress Software WS_FTP Unauthenticated Remote Code Execution Exploit | 4 Oct 202300:00 | – | zdt | |
| Exploit for Deserialization of Untrusted Data in Progress Ws_Ftp_Server | 2 Oct 202314:55 | – | githubexploit | |
| CVE-2023-40044 | 27 Sep 202300:00 | – | attackerkb | |
| The vulnerability of the Ad hoc Transfer Module of the WS_FTP Server allows a hacker to compromise the confidentiality, integrity, and accessibility of the protected information. | 6 Oct 202300:00 | – | bdu_fstec | |
| CVE-2023-40044 | 29 Sep 202308:31 | – | circl | |
| Progress WS_FTP Server Deserialization of Untrusted Data Vulnerability | 5 Oct 202300:00 | – | cisa_kev | |
| CISA Adds Three Known Exploited Vulnerabilities to Catalog | 5 Oct 202312:00 | – | cisa | |
| Progress Software WS_FTP Server Code Issue Vulnerability | 27 Sep 202300:00 | – | cnnvd | |
| CVE-2023-40044 | 27 Sep 202314:48 | – | cve | |
| CVE-2023-40044 WS_FTP Server Ad Hoc Transfer Module .NET Deserialization Vulnerability | 27 Sep 202314:48 | – | cvelist |
id: CVE-2023-40044
info:
name: WS_FTP Server - Insecure Deserialization
author: 0x_Akoko
severity: critical
description: |
In WS_FTP Server versions prior to 8.7.4 and 8.8.2, a pre-authenticated attacker could leverage a .NET deserialization vulnerability in the Ad Hoc Transfer module to execute remote commands on the underlying WS_FTP Server operating system.
impact: |
Unauthenticated attackers can exploit .NET deserialization vulnerability in the Ad Hoc Transfer module to execute arbitrary commands on the WS_FTP Server, potentially compromising the entire file transfer infrastructure and accessing all transferred files.
remediation: |
Update Progress WS_FTP Server to version 8.7.4 or 8.8.2 or later that properly validates deserialization input in the Ad Hoc Transfer module.
reference:
- https://attackerkb.com/topics/bn32f9sNax/cve-2023-40044
- https://censys.com/cve-2023-40044/
- https://www.progress.com/ws_ftp
- https://www.rapid7.com/blog/post/2023/09/29/etr-critical-vulnerabilities-in-ws_ftp-server/
- https://www.theregister.com/2023/10/02/ws_ftp_update/
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
cvss-score: 10
cve-id: CVE-2023-40044
cwe-id: CWE-502
epss-score: 0.9015
epss-percentile: 0.99782
cpe: cpe:2.3:a:progress:ws_ftp_server:*:*:*:*:*:*:*:*
metadata:
verified: true
shodan-query: title:"Ad Hoc Transfer"
max-request: 1
vendor: progress
product: ws_ftp_server
tags: cve,cve2023,ws_ftp,kev,passive,vkev
http:
- method: GET
path:
- "{{BaseURL}}/AHT/AHT_UI/public/js/app.min.js"
matchers-condition: and
matchers:
- type: regex
part: body
regex:
- '/\*! fileTransfer \d+-(0[1-9]|1[0-2])-(19\d{2}|20[01]\d|202[0-2]) \*/'
- '/\*! fileTransfer \d+-(0[1-8])-2023 \*/'
condition: or
- type: status
status:
- 200
extractors:
- type: regex
part: body
regex:
- '\d+-(0[1-9]|1[0-2])-(19\d{2}|20[01]\d|202[0-2])'
- '\d+-(0[1-8])-2023'
# digest: 490a004630440220703e1ec68f281a0ce494cff2e2a63a396473bb413cc5bdfe69b4d1f5b863cf14022078d0112bba5feeecfd4afa860f183398c1195a3e71bc6050b1536417e1912f2e:922c64590222798bb761d5b6d8e72950Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation