Title: Critical security vulnerabilities in WS_FTP Server: Progress Software releases urgent fixes
Progress Software has unveiled hotfixes to address a critical security vulnerability and seven other potential threats in the WS_FTP Server Ad hoc Transfer Module and the WS_FTP Server manager interface.
The most severe security flaw, registered as CVE-2023-40044 with a CVSS score of 10.0, affects every variant of the software. On WS_FTP Server versions earlier than 8.7.4 and 8.8.2, a pre-authenticated (i.e. unauthenticated) attacker could exploit a .NET deserialization bug in the Ad Hoc Transfer module. This flaw allows the attacker to execute remote commands on the underlying WS_FTP Server operating system. Security researchers Shubham Shah and Sean Yeoh have been credited with discovering and reporting this vulnerability.
The remaining vulnerabilities, impacting WS_FTP Server versions prior to 8.8.2, are:
1. CVE-2023-42657 (CVSS score: 9.9): A directory traversal risk that could allow the execution of file operations.
2. CVE-2023-40045 (CVSS score: 8.3): A reflected cross-site scripting (XSS) vulnerability in WS_FTP Server’s Ad Hoc Transfer module that could be used to execute arbitrary JavaScript.
3. CVE-2023-40047 (CVSS score: 8.3): A stored XSS vulnerability exists in WS_FTP Server’s Management module that could be exploited to trigger XSS payloads in the victim’s browser.
4. CVE-2023-40046 (CVSS score: 8.2): An SQL injection vulnerability that could extract database information and execute SQL statements altering or deleting its contents.
5. CVE-2023-40048 (CVSS score: 6.8): A cross-site request forgery (CSRF) vulnerability in the WS_FTP Server Manager interface.
6. CVE-2022-27665 (CVSS score: 6.1): A reflected XSS vulnerability that can lead to execution of malicious code.
7. CVE-2023-40049 (CVSS score: 5.3): An authentication bypass vulnerability allowing users to enumerate files.
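The version thresholds above are what a defender needs in order to triage an inventory of WS_FTP Server hosts. The following script is an added example written for this page, not code from Progress Software or from the article: it reads "earlier than 8.7.4 and 8.8.2" as two fix lines (8.7.x fixed at 8.7.4, 8.8.x fixed at 8.8.2, everything older affected) and, following the text literally, treats the remaining seven CVEs as applying to any version prior to 8.8.2. Hostnames and version strings in the sample inventory are constructed; only the CVE identifiers and the two fixed versions come from the article.

```python
import re
from typing import Dict, List, Tuple

# CVE identifiers and fixed releases as stated in the advisory summary above.
DESERIALIZATION_RCE = "CVE-2023-40044"
OTHER_CVES = [
    "CVE-2023-42657", "CVE-2023-40045", "CVE-2023-40047",
    "CVE-2023-40046", "CVE-2023-40048", "CVE-2022-27665", "CVE-2023-40049",
]
FIX_8_7 = (8, 7, 4)   # first fixed release on the 8.7 line (for CVE-2023-40044)
FIX_8_8 = (8, 8, 2)   # first fixed release on the 8.8 line (all eight CVEs)


def parse_version(text: str) -> Tuple[int, ...]:
    """Turn '8.7.4', 'v8.8.2.123' or '8.7' into a comparable (major, minor, patch) tuple."""
    m = re.search(r"(\d+(?:\.\d+)*)", text)
    if not m:
        raise ValueError(f"no version number in {text!r}")
    parts = tuple(int(p) for p in m.group(1).split("."))
    return (parts + (0, 0, 0))[:3]   # pad short versions, drop any build suffix


def vulnerable_to_rce(version: str) -> bool:
    """CVE-2023-40044: fixed in 8.7.4 on the 8.7 line and 8.8.2 on the 8.8 line.

    Assumption (this example's reading of the advisory): any release line older
    than 8.7 is compared against the 8.7.4 threshold and is therefore affected.
    """
    v = parse_version(version)
    if v[:2] == (8, 8):
        return v < FIX_8_8
    return v < FIX_8_7


def affected_cves(version: str) -> List[str]:
    """Return every listed CVE that still applies to the given installed version."""
    v = parse_version(version)
    found = []
    if vulnerable_to_rce(version):
        found.append(DESERIALIZATION_RCE)
    if v < FIX_8_8:                    # article: "versions prior to 8.8.2"
        found.extend(OTHER_CVES)
    return found


def triage(inventory: Dict[str, str]) -> Dict[str, List[str]]:
    """Map host -> applicable CVEs, keeping only hosts that still need patching."""
    return {host: cves for host, ver in inventory.items() if (cves := affected_cves(ver))}


if __name__ == "__main__":
    # Constructed sample inventory; hostnames and versions are made up for this example.
    sample = {
        "ftp-01.example.test": "8.7.3",
        "ftp-02.example.test": "8.8.1",
        "ftp-03.example.test": "8.8.2",
        "ftp-04.example.test": "8.7.4",
    }
    for host, cves in triage(sample).items():
        print(f"{host}: {', '.join(cves)}")
```

Because the article gives 8.8.2 as the fix for the seven lower-severity issues, a host on 8.7.4 is reported as clear of the deserialization RCE but still flagged for the others; that is the intended outcome of the script, not a bug, and it is the reason upgrading to 8.8.2 rather than 8.7.4 is the safer path for hosts that can take it.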
The cybersecurity community urges users of Progress Software to take immediate action to apply these security patches given the recent interest in these flaws by ransomware groups such as Cl0p.
Progress Software is currently addressing issues associated with a widespread hack affecting its MOVEit Transfer secure file transfer platform. This hack, which took place in May 2023, affected over 2,100 organizations and more than 62 million individuals.
In conclusion, CVE-2023-40044 is highlighted as a common .NET deserialization issue leading to RCE. It is surprising that this bug persisted for so long, given that it affects the majority of WS_FTP Server versions. Rapid action is needed to apply the fixes and mitigate the risks associated with these vulnerabilities.