3499 matches found

BDU FSTEC
added 2023/10/06 12:0 a.m. · 6 views

The vulnerability of the Ad hoc Transfer Module of the WS_FTP Server allows a hacker to compromise the confidentiality, integrity, and availability of the protected information.

The vulnerability of the Ad hoc Transfer Module of the WS_FTP Server is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality, integrity, and availability of the protected information...

CVSS 10 · AI score 8.1 · EPSS 0.9015
Exploits 5 · References 10 · Affected Software 1

CNNVD
added 2023/10/05 12:0 a.m. · 4 views

NetBSD Security Vulnerabilities

NetBSD is an open source Unix-like operating system from the NetBSD Foundation. A security vulnerability exists in versions prior to NetBSD ftpd 20230930, which stems from a vulnerability that allows an attacker to disclose information about a host's file system before authenticating via the MLSD...

CVSS 7.5 · AI score 6.4 · EPSS 0.00491
Exploits 0 · References 3

Kitploit
added 2023/09/29 11:30 a.m. · 28 views

Skyhook - A Round-Trip Obfuscated HTTP File Transfer Setup Built To Bypass IDS Detections

Skyhook is a REST-driven utility used to smuggle files into and out of networks defended by IDS implementations. It comes with a pre-packaged web client that uses a blend of React, vanilla JS, and web assembly to manage file transfers. Key Links: Download here. See the user documentation to get...

AI score 7.2
Exploits 0 · References 5

Veracode
added 2023/09/29 8:48 a.m. · 15 views

Arbitrary File Overwrite

github.com/schollz/croc is vulnerable to Arbitrary File Overwrite. The vulnerability is due to the Croc protocol allowing a sender to specify an arbitrary path for the file transfer, which lacks validation to check if the file path will overwrite an existing file on the client side. An attacker c...

CVSS 5.5 · AI score 6.9 · EPSS 0.00368
Exploits 1 · References 5 · Affected Software 2

Veracode
added 2023/09/29 8:3 a.m. · 22 views

Arbitrary File Write

github.com/schollz/croc is vulnerable to Arbitrary File Write through crafted file paths. The vulnerability is due to the Croc protocol, which allows senders to specify an arbitrary path for a file transfer. If the recipient doesn't already have a file with the same name, an attacker can exploit...

CVSS 7.8 · AI score 6.9 · EPSS 0.00339
Exploits 1 · References 5 · Affected Software 2

OSV
added 2023/09/27 3:19 p.m. · 2 views

CVE-2023-40048

In WS_FTP Server versions prior to 8.8.2, the WS_FTP Server Manager interface was missing cross-site request forgery (CSRF) protection on a POST transaction corresponding to a WS_FTP Server administrative function...

CVSS 6.5 · AI score 5.8 · EPSS 0.00351
Exploits 0 · References 2

CNNVD
added 2023/09/27 12:0 a.m. · 4 views

WS_FTP Server Cross-Site Scripting Vulnerability

Progress Software WS_FTP Server is an effective and highly manageable FTP server from Progress Software, USA. A cross-site scripting vulnerability exists in WS_FTP Server versions prior to 8.8.2. An attacker could exploit this vulnerability to execute malicious JavaScript in the victim's browser...

CVSS 8.3 · AI score 6.2 · EPSS 0.00409
Exploits 0 · References 3

CNNVD
added 2023/09/27 12:0 a.m. · 3 views

WS_FTP Server Path Traversal Vulnerability

Progress Software WS_FTP Server is an effective and highly manageable FTP server from Progress Software, USA. A security vulnerability exists in WS_FTP Server versions prior to 8.7.4 and 8.8.2. An attacker can exploit the vulnerability to read arbitrary files on the server running the application...

CVSS 9.9 · AI score 6.7 · EPSS 0.17025
Exploits 0 · References 3

CNNVD
added 2023/09/27 12:0 a.m. · 3 views

Progress Software WS_FTP Server Code Issue Vulnerability

Progress Software WS_FTP Server is an effective and highly manageable FTP server from Progress Software, USA. A code issue vulnerability exists in Progress Software WS_FTP Server versions prior to 8.7.4 and 8.8.2. An attacker can exploit this vulnerability to remotely execute arbitrary commands...

CVSS 10 · AI score 7.4 · EPSS 0.9015
Exploits 5 · References 9

IBM Security Bulletins
added 2023/09/22 3:2 p.m. · 25 views

Security Bulletin: IBM App Connect Enterprise and IBM Integration Bus are vulnerable to a denial of service due to IBM MQ (CVE-2023-28513).

Summary: Features requiring MQ client connectivity in IBM App Connect Enterprise and IBM Integration Bus are vulnerable to a denial of service due to IBM MQ (CVE-2023-28513). The fix includes IBM Managed File Transfer and IBM MQ classes for Java at version 9.2.0.15. Vulnerability Details...

CVSS 7.5 · AI score 6.4 · EPSS 0.00809
Exploits 0 · Affected Software 2

NVD
added 2023/09/20 6:15 a.m. · 16 views

CVE-2023-43619

An issue was discovered in Croc through 9.6.5. A sender may send dangerous new files to a receiver, such as executable content or a .ssh/authorized_keys file...

CVSS 7.8 · AI score 7.5 · EPSS 0.00339
Exploits 1 · References 3

OSV
added 2023/09/20 6:15 a.m. · 27 views

CVE-2023-43619

An issue was discovered in Croc through 9.6.5. A sender may send dangerous new files to a receiver, such as executable content or a .ssh/authorized_keys file...

CVSS 7.8 · AI score 7
Exploits 0 · References 3

CNNVD
added 2023/09/20 12:0 a.m. · 5 views

Croc Security Breach

croc is a tool from the individual developers at Zack that allows any two computers to simply and securely transfer files and folders. A security vulnerability exists in Croc version 9.6.5 and earlier versions, which originates from a sender being able to place an ANSI or CSI escape sequence in a...

CVSS 7.8 · AI score 6.7 · EPSS 0.00339
Exploits 1 · References 4

CVE
added 2023/09/20 12:0 a.m. · 281 views

CVE-2023-43619

CVE-2023-43619 affects Croc up to version 9.6.5. The issue allows a sender to deliver dangerous files to a receiver (e.g., executable content or a .ssh/authorized_keys file). Impact details: potential high severity with local access vector and user interaction required, as indicated by the CVSS 3...

CVSS 7.8 · AI score 7.3 · EPSS 0.00339
Exploits 1 · References 3 · Affected Software 1

CNNVD
added 2023/09/20 12:0 a.m. · 5 views

Croc Security Breach

croc is a tool from the individual developers at Zack that allows any two computers to simply and securely transfer files and folders. A security vulnerability exists in Croc version 9.6.5 and prior versions, which stems from a shared secret located on the command line that can be read by a local...

CVSS 4.7 · AI score 6.6 · EPSS 0.0029
Exploits 1 · References 4

OSV
added 2023/09/19 1:16 p.m. · 3 views

CVE-2022-47558

Devices ekorCCP and ekorRCI are vulnerable due to access to the FTP service using default credentials. Exploitation of this vulnerability can allow an attacker to modify critical files that could allow the creation of new users, delete or modify existing users, modify configuration files, install...

CVSS 9.8 · AI score 5.8 · EPSS 0.00519
Exploits 0 · References 1

Positive Technologies
added 2023/09/19 12:0 a.m. · 4 views

PT-2023-15400 · Ekorccp +1 · Ekorccp +1

Name of the Vulnerable Software and Affected Versions: ekorCCP (affected versions not specified), ekorRCI (affected versions not specified). Description: The issue arises due to access to the FTP service using default credentials. This can allow an attacker to modify critical files, potentially leading...

CVSS 9.8 · AI score 7 · EPSS 0.00519
Exploits 0 · References 6

CNNVD
added 2023/09/12 12:0 a.m. · 3 views

Wing FTP Server Security Vulnerability

Wing FTP Server is a cross-platform FTP server software. A security vulnerability exists in Wing FTP Server 7.2.0 and earlier versions, which stems from a weak access control mechanism in the Admin Web Client that allows an attacker to perform elevation of privilege...

CVSS 8.8 · AI score 6.7 · EPSS 0.00456
Exploits 0 · References 2

Positive Technologies
added 2023/09/12 12:0 a.m. · 7 views

PT-2023-5770 · Ipswitch · Ws Ftp Server

Name of the Vulnerable Software and Affected Versions: WS FTP Server versions prior to 8.7.4 and 8.8.2. Description: A directory traversal vulnerability was discovered in WS FTP Server, allowing an attacker to perform file operations such as delete, rename, rmdir, and mkdir on files and folders...

CVSS 9.9 · AI score 9.2 · EPSS 0.17025
Exploits 0 · References 22

CNNVD
added 2023/09/07 12:0 a.m. · 2 views

JSCAPE MFT Server Code Issue Vulnerability

JSCAPE MFT Server is a flexible and scalable hosted file transfer solution from JSCAPE USA. A security vulnerability exists in JSCAPE MFT Server versions prior to 2023.1.9 that stems from the presence of insecure deserialization, which allows an attacker to run arbitrary Java code through its...

CVSS 7.2 · AI score 7 · EPSS 0.27069
Exploits 0 · References 3