CVE-2024-6633 Insecure Default in FileCatalyst Workflow 5.1.6 Build 139 (and earlier)

The default credentials for the setup HSQL database HSQLDB for FileCatalyst Workflow are published in a vendor knowledgebase article. Misuse of these credentials could lead to a compromise of confidentiality, integrity, or availability of the software. The HSQLDB is only included to facilitate...

FileCatalyst Workflow 信任管理问题漏洞

FileCatalyst Workflow is a browser-based large file transfer solution from FileCatalyst, Inc. A security vulnerability exists in FileCatalyst Workflow that stems from the use of default credentials has been posted in the Vendor Knowledge Base article...

PT-2024-37762 · Filecatalyst · Filecatalyst Workflow

Name of the Vulnerable Software and Affected Versions: FileCatalyst Workflow versions up to 5.1.6 Build 139 Description: The default credentials for the setup HSQL database HSQLDB for FileCatalyst Workflow are published in a vendor knowledgebase article. Misuse of these credentials could lead to ...

PT-2024-37761 · Unknown · Filecatalyst Workflow

Name of the Vulnerable Software and Affected Versions: FileCatalyst Workflow versions 5.1.6 and earlier Description: A vulnerability exists in FileCatalyst Workflow whereby a field accessible to the super admin can be used to perform an SQL injection attack, which can lead to a loss of...

Fortra FileCatalyst Workflow SQL Injection (CVE-2024-5276)

This module exploits a SQL injection vulnerability in Fortra FileCatalyst Workflow use auxiliary/admin/http/fortrafilecatalystworkflowsqli msf auxiliaryfortrafilecatalystworkflowsqli show actions ...actions... msf auxiliaryfortrafilecatalystworkflowsqli set ACTION msf...

A week in security (June 24 – June 30)

Last week on Malwarebytes Labs: TEMU sued for being "dangerous malware" by Arkansas Attorney General Driving licences and other official documents leaked by authentication service used by Uber, TikTok, X, and more "Poseidon" Mac stealer distributed via Google ads Federal Reserve "breached" data m...

Critical SQLi Vulnerability Found in Fortra FileCatalyst Workflow Application

A critical security flaw has been disclosed in Fortra FileCatalyst Workflow that, if left unpatched, could allow an attacker to tamper with the application database. Tracked as CVE-2024-5276, the vulnerability carries a CVSS score of 9.8. It impacts FileCatalyst Workflow versions 5.1.6 Build 135...

The vulnerability of the software for FileCatalyst Workflow’s file exchange mechanism lies in the lack of protective measures for the SQL query structure, allowing attackers to exploit their privileges.

The vulnerability of the FileCatalyst Workflow file sharing software relates to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to enhance their privileges by injecting specially crafted SQL queries...

CVE-2024-5276

A SQL Injection vulnerability in Fortra FileCatalyst Workflow allows an attacker to modify application data. Likely impacts include creation of administrative users and deletion or modification of data in the application database. Data exfiltration via SQL injection is not possible using this...

CVE-2024-5276 SQL Injection Vulnerability in FileCatalyst Workflow 5.1.6 Build 135 (and earlier)

A SQL Injection vulnerability in Fortra FileCatalyst Workflow allows an attacker to modify application data. Likely impacts include creation of administrative users and deletion or modification of data in the application database. Data exfiltration via SQL injection is not possible using this...

CVE-2024-5276 SQL Injection Vulnerability in FileCatalyst Workflow 5.1.6 Build 135 (and earlier)

A SQL Injection vulnerability in Fortra FileCatalyst Workflow allows an attacker to modify application data. Likely impacts include creation of administrative users and deletion or modification of data in the application database. Data exfiltration via SQL injection is not possible using this...

PT-2024-4324 · Fortra · Filecatalyst Workflow

Name of the Vulnerable Software and Affected Versions: Fortra FileCatalyst Workflow versions 5.1.6 Build 135 and earlier Description: The issue is related to a SQL injection vulnerability that allows an attacker to modify application data. This can likely result in the creation of administrative...

CVE-2024-5275

CVE-2024-5275 involves a hard-coded password in the FileCatalyst TransferAgent that can unlock the keystore and expose contents such as private keys, enabling potential MiTM on affected users. Affected products and versions: FileCatalyst Direct 3.8.10 Build 138 and earlier, and FileCatalyst Workf...

FileCatalyst Direct Security Vulnerability

FileCatalyst Direct is a pure software solution that uses a server-client architecture to manage and accelerate file transfers. A security vulnerability exists in FileCatalyst Direct 3.8.10 Build 138 and earlier and FileCatalyst Workflow 5.1.6 Build 130 and earlier, which stems from the presence ...

Fortra FileCatalyst Workflow Detection

Binary data fortrafilecatalystworkflowdetect.nbin...

FileCatalyst Workflow ftpservlet file upload

Added: 04/08/2024 Background FileCatalyst Workflow is a managed file transfer product. Problem The ftpservlet component in the FileCatalyst Workflow web portal is affected by a directory traversal vulnerability which could allow an anonymous user to upload files to arbitrary locations. This leads...

The vulnerability of the ftpservlet component of the FileCatalyst Workflow software allows a perpetrator to execute arbitrary code.

The vulnerability of the ftpservlet component in the FileCatalyst Workflow software lies in errors during the processing of HTTP POST requests. Exploiting this vulnerability allows an attacker to execute arbitrary code by loading specially crafted JSP files remotely...

CVE-2024-25153

A directory traversal within the ‘ftpservlet’ of the FileCatalyst Workflow Web Portal allows files to be uploaded outside of the intended ‘uploadtemp’ directory with a specially crafted POST request. In situations where a file is successfully uploaded to web portal’s DocumentRoot, specially craft...

Directory traversal

A directory traversal within the ‘ftpservlet’ of the FileCatalyst Workflow Web Portal allows files to be uploaded outside of the intended ‘uploadtemp’ directory with a specially crafted POST request. In situations where a file is successfully uploaded to web portal’s DocumentRoot, specially craft...

CVE-2024-25153 Remote Code Execution in FileCatalyst Workflow 5.x prior to 5.1.6 Build 114

A directory traversal within the ‘ftpservlet’ of the FileCatalyst Workflow Web Portal allows files to be uploaded outside of the intended ‘uploadtemp’ directory with a specially crafted POST request. In situations where a file is successfully uploaded to web portal’s DocumentRoot, specially craft...