CVE-2023-40044: Progress WS_FTP Server Deserialization of Untrusted Data Vulnerability
First published: Wed Sep 27 2023(Updated: )
In WS_FTP Server versions prior to 8.7.4 and 8.8.2, a pre-authenticated attacker could leverage a .NET deserialization vulnerability in the Ad Hoc Transfer module to execute remote commands on the underlying WS_FTP Server operating system.
Credit: security@progress.com security@progress.com security@progress.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Progress Ws Ftp Server | <8.7.4 | |
| Progress Ws Ftp Server | >=8.8<8.8.2 | |
Remedy
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://packetstormsecurity.com/files/174917/Progress-Software-WS_FTP-Unauthenticated-Remote-Code-Execution.html
- https://attackerkb.com/topics/bn32f9sNax/cve-2023-40044
- https://censys.com/cve-2023-40044/
- https://community.progress.com/s/article/WS-FTP-Server-Critical-Vulnerability-September-2023
- https://www.assetnote.io/resources/research/rce-in-progress-ws-ftp-ad-hoc-via-iis-http-modules-cve-2023-40044
- https://www.progress.com/ws_ftp
- https://www.rapid7.com/blog/post/2023/09/29/etr-critical-vulnerabilities-in-ws_ftp-server/
- https://www.theregister.com/2023/10/02/ws_ftp_update/
- https://community.progress.com/s/article/WS-FTP-Server-Critical-Vulnerability-September-2023;
- https://nvd.nist.gov/vuln/detail/CVE-2023-40044
Frequently Asked Questions
What is the severity of CVE-2023-40044?
The severity of CVE-2023-40044 is critical with a severity score of 8.8.
What is the affected software for CVE-2023-40044?
The affected software for CVE-2023-40044 is WS_FTP Server versions prior to 8.7.4 and 8.8.2.
How can a pre-authenticated attacker exploit this vulnerability?
A pre-authenticated attacker can exploit this vulnerability by leveraging a .NET deserialization vulnerability in the Ad Hoc Transfer module to execute remote commands on the underlying WS_FTP Server operating system.
Are there any suggested solutions or fixes for CVE-2023-40044?
To fix CVE-2023-40044, you should update your WS_FTP Server to version 8.7.4 or higher, or version 8.8.2 or higher.
Can you provide more information about CVE-2023-40044?
For more information about CVE-2023-40044, you can refer to the following references: [Link 1](https://community.progress.com/s/article/WS-FTP-Server-Critical-Vulnerability-September-2023), [Link 2](https://www.progress.com/ws_ftp).
- collector/nvd-api
- collector/nvd-index
- agent/author
- agent/type
- agent/softwarecombine
- agent/weakness
- agent/remedy
- agent/title
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/last-modified-date
- agent/first-publish-date
- exploited/true
- ransomware/true
- collector/cisa-known-exploited
- source/CISA
- agent/software-canonical-lookup
- agent/references
- agent/event
- agent/tags
- collector/nvd-cve
- source/NVD
- vendor/progress
- canonical/progress ws ftp server
- version/progress ws ftp server/8.8
- canonical/progress ws_ftp server