Lucene search

K
thnThe Hacker NewsTHN:64F9031DB04E714CF10F0FFF3243CD62
HistoryMar 18, 2024 - 12:58 p.m.

Fortra Patches Critical RCE Vulnerability in FileCatalyst Transfer Tool

2024-03-1812:58:00
The Hacker News
thehackernews.com
26
fortra
filecatalyst
rce vulnerability
security flaw
cve-2024-25153
directory traversal
web shell
cve numbering authority
lrqa nettitude
proof-of-concept
filecatalyst direct
information leakage
fortra goanywhere
threat actors

AI Score

9

Confidence

Low

EPSS

0

Percentile

10.5%

RCE Vulnerability

Fortra has released details of a now-patched critical security flaw impacting its FileCatalyst file transfer solution that could allow unauthenticated attackers to gain remote code execution on susceptible servers.

Tracked as CVE-2024-25153, the shortcoming carries a CVSS score of 9.8 out of a maximum of 10.

“A directory traversal within the ‘ftpservlet’ of the FileCatalyst Workflow Web Portal allows files to be uploaded outside of the intended ‘uploadtemp’ directory with a specially crafted POST request,” the company said in an advisory last week.

“In situations where a file is successfully uploaded to web portal’s DocumentRoot, specially crafted JSP files could be used to execute code, including web shells.”

Cybersecurity

The vulnerability, the company said, was first reported on August 9, 2023, and addressed two days later in FileCatalyst Workflow version 5.1.6 Build 114 without a CVE identifier. Fortra was authorized as a CVE Numbering Authority (CNA) in early December 2023.

Security researcher Tom Wedgbury of LRQA Nettitude has been credited with discovering and reporting the flaw. The company has since released a full proof-of-concept (PoC) exploit, describing how the flaw could be weaponized to upload a web shell and execute arbitrary system commands.

Also resolved by Fortra in January 2024 are two other security vulnerabilities in FileCatalyst Direct (CVE-2024-25154 and CVE-2024-25155) that could lead to information leakage and code execution.

With previously disclosed flaws in Fortra GoAnywhere managed file transfer (MFT) coming under heavy exploitation last year by threat actors like Cl0p, it’s recommended that users have applied the necessary updates to mitigate potential threats.

Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.

AI Score

9

Confidence

Low

EPSS

0

Percentile

10.5%

Related for THN:64F9031DB04E714CF10F0FFF3243CD62