CVE-2025-13147

Server-Side Request Forgery SSRF vulnerability in Progress MOVEit Transfer.This issue affects MOVEit Transfer: before 2024.1.8, from 2025.0.0 before 2025.0.4...

CVE-2025-13147 External Service Interaction (DNS)

Server-Side Request Forgery SSRF vulnerability in Progress MOVEit Transfer.This issue affects MOVEit Transfer: before 2024.1.8, from 2025.0.0 before 2025.0.4...

PT-2025-47528

Name of the Vulnerable Software and Affected Versions Progress MOVEit Transfer versions prior to 2024.1.8 Progress MOVEit Transfer versions 2025.0.0 through 2025.0.3 Description A Server-Side Request Forgery SSRF vulnerability exists in Progress MOVEit Transfer. This type of issue allows an...

EUVD-2024-47648

Malicious code in bioql PyPI...

CVE-2021-38159

In certain Progress MOVEit Transfer versions before 2021.0.4 aka 13.0.4, SQL injection in the MOVEit Transfer web application could allow an unauthenticated remote attacker to gain access to the database. Depending on the database engine being used MySQL, Microsoft SQL Server, or Azure SQL, an...

The vulnerability of the SFTP software module for processing and transmitting confidential data in Progress MOVEit Transfer allows a perpetrator to bypass authentication processes and gain increased privileges.

The vulnerability of the SFTP software module for processing and transmitting confidential data in Progress MOVEit Transfer is related to deficiencies in the authentication process. Exploiting this vulnerability can allow attackers to bypass the authentication process and gain increased privilege...

CVE-2024-6576

Improper Authentication vulnerability in Progress MOVEit Transfer SFTP module can lead to Privilege Escalation.This issue affects MOVEit Transfer: from 2023.0.0 before 2023.0.12, from 2023.1.0 before 2023.1.7, from 2024.0.0 before 2024.0.3...

CVE-2024-6576 MOVEit Transfer Privilege Escalation Vulnerability

Improper Authentication vulnerability in Progress MOVEit Transfer SFTP module can lead to Privilege Escalation.This issue affects MOVEit Transfer: from 2023.0.0 before 2023.0.12, from 2023.1.0 before 2023.1.7, from 2024.0.0 before 2024.0.3...

CVE-2024-6576

CVE-2024-6576 - Progress MOVEit Transfer (SFTP module) : Affected MOVEit Transfer versions include 2023.0.0–2023.0.11, 2023.1.0–2023.1.6, and 2024.0.0–2024.0.2, with a root cause described as an improper authentication vulnerability that can lead to privilege escalation. Remediation per sources: ...

PT-2024-5295 · Progress · Progress Moveit Transfer

Name of the Vulnerable Software and Affected Versions: Progress MOVEit Transfer versions 2023.0.0 through 2023.0.11 Progress MOVEit Transfer versions 2023.1.0 through 2023.1.6 Progress MOVEit Transfer versions 2024.0.0 through 2024.0.2 Description: The issue is related to improper authentication ...

Progress MOVEit Transfer 2017 < 9.0.0.201, Ipswitch MOVEit DMZ < 8.2 / 8.2 < 8.2.0.20 / 8.3 < 8.3.0.30 SQL Injection (CVE-2017-6195)

The version of Progress MOVEit Transfer, formerly Ipswitch MOVEit DMZ, installed on the remote host is affected by a pre-authentication blind SQL injection vulnerability as referenced in Progress Community article 000192008. - Ipswitch MOVEit Transfer formerly DMZ allows pre-authentication blind...

The vulnerability of the SFTP software module for processing and transmitting confidential data in Progress MOVEit Transfer allows a perpetrator to enhance their privileges.

The vulnerability of the SFTP software module for processing and transmitting confidential data in Progress MOVEit Transfer is related to deficiencies in authentication procedures. Exploiting this vulnerability can allow attackers, operating remotely, to increase their privileges...

Progress MOVEit Transfer 2023.0.x < 2023.0.11 / 2023.1.x < 2023.1.6 / 2024.0.x < 2024.0.2 Authentication Bypass (June 2024)

The version of Progress MOVEit Transfer, formerly Ipswitch MOVEit DMZ, installed on the remote host is affected by an authentication bypass vulnerability as referenced in Progress Community article 000259290. - Improper Authentication vulnerability in Progress MOVEit Transfer SFTP module can lead...

CVE-2024-5806

Improper Authentication vulnerability in Progress MOVEit Transfer SFTP module can lead to Authentication Bypass.This issue affects MOVEit Transfer: from 2023.0.0 before 2023.0.11, from 2023.1.0 before 2023.1.6, from 2024.0.0 before 2024.0.2...

CVE-2024-5806

CVE-2024-5806 affects the MOVEit Transfer SFTP module. The issue is an Improper Authentication vulnerability that can lead to an Authentication Bypass . Affected versions include MOVEit Transfer 2023.0.x prior to 2023.0.11, 2023.1.x prior to 2023.1.6, and 2024.0.x prior to 2024.0.2. Root cause is...

Progress MOVEit Transfer < 2022.0.10 / 2022.1 < 2022.1.11 / 2023.0 < 2023.0.8 / 2023.1 < 2023.1.3 Multiple Vulnerabilities (January 2024)

The version of Progress MOVEit Transfer, formerly Ipswitch MOVEit DMZ, installed on the remote host is therefore, affected by multiple vulnerabilities as referenced in Progress Community article 000249475. - In Progress MOVEit Transfer versions released before 2022.0.10 14.0.10, 2022.1.11 14.1.11...

Progress MOVEit Transfer < 2022.0.9 / 2022.1 < 2022.1.10 / 2023.0 < 2023.0.7 / 2023.1.1 Multiple Vulnerabilities (November 2023)

The version of Progress MOVEit Transfer, formerly Ipswitch MOVEit DMZ, installed on the remote host is prior to 2022.0.9, 2022.1 prior to 2022.1.10, 2023.0 prior to 2023.0.7 or 2023.1.1. It is, therefore, affected by multiple vulnerabilities as referenced in Progress Community article 000246898. ...

Progress MOVEit Transfer Security Vulnerability

Progress MOVEit Transfer is a secure hosted file transfer application from Progress. A security vulnerability exists in Progress MOVEit Transfer that stems from the presence of an elevation of privilege vulnerability. Affected products and versions: Progress MOVEit Transfer versions prior to...

Progress MOVEit Transfer < 2021.1.8 / 2022.0 < 2022.0.8, 2022.1 < 2022.1.9 / 2023.0 < 2023.0.6 Multiple Vulnerabilities (September 2023)

The version of Progress MOVEit Transfer, formerly Ipswitch MOVEit DMZ, installed on the remote host is prior to 2021.1.8 / 2022.0 2022.0.8, 2022.1 2022.1.9 / 2023.0 2023.0.6. It is, therefore, affected by multiple vulnerabilities as referenced in Progress Community article 000241629. - In Progres...

Progress MOVEit Transfer Cross-Site Scripting Vulnerability

Progress MOVEit Transfer is a secure hosted file transfer application from Progress. A security vulnerability exists in Progress MOVEit Transfer. An attacker could exploit the vulnerability to execute malicious JavaScript in the victim's browser environment...