4 matches found
CVE-2023-40045
In WSFTP Server versions prior to 8.7.4 and 8.8.2, a reflected cross-site scripting XSS vulnerability exists in WSFTP Server's Ad Hoc Transfer module. An attacker could leverage this vulnerability to target WSFTP Server users with a specialized payload which results in the execution of malicious...
Deserialization of untrusted data
In WSFTP Server versions prior to 8.7.4 and 8.8.2, a pre-authenticated attacker could leverage a .NET deserialization vulnerability in the Ad Hoc Transfer module to execute remote commands on the underlying WSFTP Server operating system...
CVE-2023-40044 WS_FTP Server Ad Hoc Transfer Module .NET Deserialization Vulnerability
In WSFTP Server versions prior to 8.7.4 and 8.8.2, a pre-authenticated attacker could leverage a .NET deserialization vulnerability in the Ad Hoc Transfer module to execute remote commands on the underlying WSFTP Server operating system...
PT-2023-6101 · Ipswitch · Ws Ftp Server
Name of the Vulnerable Software and Affected Versions: WS FTP Server versions 8.7.0 through 8.7.3 WS FTP Server versions 8.8.0 through 8.8.1 Description: A reflected cross-site scripting XSS vulnerability exists in WS FTP Server's Ad Hoc Transfer module. This vulnerability can be leveraged by an...