Progress WS_FTP Server < 8.7.4, 8.8.0 < 8.8.2 Multiple Vulnerabilities

The remote host is running a version of WSFTP earlier than 8.7.4 or 8.8.0 prior to 8.8.2. Such versions are reportedly affected by multiple vulnerabilities : - A pre-authenticated attacker could leverage a .NET deserialization vulnerability in the Ad Hoc Transfer module to execute remote commands...

CVE-2023-42657

creationtimestamp| type| source ---|---|--- 2023-09-29 11:44:51+00:00| seen| https://t.me/kasperskyb2b/906 2023-09-29 18:00:07+00:00| seen| https://t.me/truesecator/4912 2023-10-10 12:40:03+00:00| exploited| https://t.me/bizonechannel/926 2025-08-31 03:13:01+00:00| seen|...

CVE-2023-42657 WS_FTP Server Directory Traversal

In WSFTP Server versions prior to 8.7.4 and 8.8.2, a directory traversal vulnerability was discovered. An attacker could leverage this vulnerability to perform file operations delete, rename, rmdir, mkdir on files and folders outside of their authorized WSFTP folder path. Attackers could also...

CVE-2023-42657

CVE-2023-42657 affects Progress WS_FTP Server, in versions prior to 8.7.4 and 8.8.2. The vulnerability is a directory traversal flaw in the server’s file handling that allows an unauthenticated or less-privileged user to perform file operations (delete, rename, rmdir, mkdir) outside the designate...