Pierluigi Paganini September 30, 2023

Progress Software has addressed a critical severity vulnerability in its WS_FTP Server software used by thousands of IT teams worldwide.

Progress Software warned customers to address a critical severity vulnerability, tracked as CVE-2023-40044 (CVSS score 10), in its WS_FTP Server software which is used by thousands of IT teams worldwide.

“The WS_FTP team recently discovered vulnerabilities in the WS_FTP Server Ad hoc Transfer Module and in the WS_FTP Server manager interface. All versions of WS_FTP Server are affected by these vulnerabilities.” reads the advisory from the vendor.

A pre-authenticated, remote attacker could leverage a .NET deserialization issue in the Ad Hoc Transfer module to execute arbitrary commands on the underlying WS_FTP Server operating system.  

The issue affects WS_FTP Server versions prior to 8.7.4 and 8.8.2.

“In WS_FTP Server versions prior to 8.7.4 and 8.8.2, a pre-authenticated attacker could leverage a .NET deserialization vulnerability in the Ad Hoc Transfer module to execute remote commands on the underlying WS_FTP Server operating system.” reads the advisory.

In an advisory published on Wednesday, Progress disclosed multiple vulnerabilities impacting the software’s manager interface and Ad hoc Transfer Module.

Progress Software also addressed a directory traversal vulnerability tracked as CVE-2023-42657 (CVSS score 9.9). An attacker can trigger this flaw to perform file operations (delete, rename, rmdir, mkdir) on files and folders outside of their authorized WS_FTP folder path. 

“In WS_FTP Server versions prior to 8.7.4 and 8.8.2, a directory traversal vulnerability was discovered.  An attacker could leverage this vulnerability to perform file operations (delete, rename, rmdir, mkdir) on files and folders outside of their authorized WS_FTP folder path.” reads the advisory. “Attackers could also escape the context of the WS_FTP Server file structure and perform the same level of operations (delete, rename, rmdir, mkdir) on file and folder locations on the underlying operating system.”

Progress Software strongly recommends installing the security updates, the latest version addressing the flaws is 8.8.2.

The company also published instructions on how to remove or disable the vulnerable WS_FTP Server Ad Hoc Transfer Module. 

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, WS_FTP Server)