Progress Software has released security updates to address new SQL injection vulnerabilities in the MOVEit Transfer application.
An attacker can exploit the SQL injection vulnerabilities in the MOVEit Transfer solution to steal sensitive information.
“SQL Injection (CVE pending MITRE) In Progress MOVEit Transfer versions released before 2021.0.7 (13.0.7), 2021.1.5 (13.1.5), 2022.0.5 (14.0.5), 2022.1.6 (14.1.6), 2023.0.2 (15.0.2), multiple SQL injection vulnerabilities have been identified in the MOVEit Transfer web application that could allow an un-authenticated attacker to gain unauthorized access to the MOVEit Transfer database.” reads the advisory published by the company. “An attacker could submit a crafted payload to a MOVEit Transfer application endpoint which could result in modification and disclosure of MOVEit database content.”
All versions of MOVEit Transfer are affected by these vulnerabilities.
The vulnerabilities were discovered by researchers from the cybersecurity firm Huntress.
The good news is that Progress Software is not aware of attacks in the wild exploiting these vulnerabilities.
Recently another MOVEit Transfer vulnerability, tracked as CVE-2023-34362, made the headlines.
The vulnerability is a SQL injection vulnerability, it can be exploited by an unauthenticated attacker to gain unauthorized access to MOVEit Transfer’s database.
The Clop ransomware gang claims to have hacked hundreds of companies by exploiting the above issue.
Kroll researchers discovered that the Clop ransomware gang was looking for a zero-day exploit in the MOVEit Transfer since 2021.
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, cyberattack)
Russia-linked Turla APT allegedly used two new backdoors, named Lunar malware and LunarMail, to target…
The City of Wichita disclosed a data breach after the ransomware attack that hit the…
CISA adds two D-Link DIR-600 and DIR-605 router vulnerabilities to its Known Exploited Vulnerabilities catalog. The…
CISA adds two Chrome zero-day vulnerabilities to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity…
North Korea-linked Kimsuky APT group employs rogue Facebook accounts to target victims via Messenger and deliver malware.…
Electronic prescription provider MediSecure in Australia suffered a ransomware attack likely originate from a third-party…
This website uses cookies.