SAINT Corporation | SAINT:20DEC8F61CF204B9B79FBBA0C362A2AB
Apr 08, 2024 - 12:00 a.m.

FileCatalyst Workflow ftpservlet file upload

2024-04-08 00:00:00
SAINT Corporation
download.saintcorporation.com
Tags: filecatalyst, workflow, directory traversal, vulnerability, ftpservlet, upgrade, version 5.1.6, build 114

CVSS3: 9.8 High

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score: 7.8 High (Confidence: Low)

EPSS: 0.0004 Low (Percentile: 9.9%)

Added: 04/08/2024

Background

FileCatalyst Workflow is a managed file transfer product.

Problem

The **ftpservlet** component in the FileCatalyst Workflow web portal is affected by a directory traversal vulnerability which could allow an anonymous user to upload files to arbitrary locations. This leads to remote command execution if a JSP file is uploaded to the document root.

Resolution

Upgrade to FileCatalyst 5.1.6 Build 114 or higher.

References

<https://www.fortra.com/security/advisory/fi-2024-002>
<https://labs.nettitude.com/blog/cve-2024-25153-remote-code-execution-in-fortra-filecatalyst/>

Limitations

If this exploit succeeds, the web shell must be removed manually.
