Admins urged to quickly patch holes in WS_FTP file transfer server

Share post:

Another set of critical vulnerabilities has been found in a file transfer application, raising worries that, if exploited before being patched, it too will lead to a huge number of data breaches.

Progress Software said this week the eight vulnerabilities — two of which are rated critical — have been found in its WS_FTP Server, used for the secure transfer of critical data.

The holes are in the Ad hoc Transfer Module and in the software’s manager interface.

“All versions of WS_FTP Server are affected by these vulnerabilities,” the company said. “We have addressed these issues and have made version-specific hotfixes available for customers to remediate them.”

The company told The Record that so far it hasn’t seen the vulnerabilities being exploited.

On its website, Progress Software lists case studies of a number of major organizations that have used WS_FTP, including a U.S. school district, a game company, and the Denver Broncos NFL team.

A zero-day vulnerability in Progress Software’s MOVEit file transfer application discovered by the Clop/Cl0p ransomware gang has led to over 2,000 hacks of MOVEit servers and the theft of information of an estimated 62 million people.

Other file transfer applications whose vulnerabilities have led to mass hacks over the past two years include Fortra’s GoAnywhere MFTAccellion FTA and IBM’s Aspera Faspex.

This category of applications may be tempting for threat actors to find holes in because their servers would have large volumes of data sitting there. While secure file transfer servers should have protection for data at rest, if an attacker can get administrator access that could defeat the encryption.

The critical vulnerabilities in WS_FTP include:

CVE-2023-40044 
CVSS score: 10

In WS_FTP Server versions prior to 8.7.4 and 8.8.2, a pre-authenticated attacker could leverage a .NET deserialization vulnerability in the Ad Hoc Transfer module to execute remote commands on the underlying WS_FTP Server operating system;

CVE-2023-42657
CVSS score: 9.9 

In WS_FTP Server versions prior to 8.7.4 and 8.8.2, a directory traversal vulnerability was discovered.  An attacker could leverage this vulnerability to perform file operations (delete, rename, rmdir, mkdir) on files and folders outside of their authorized WS_FTP folder path.  Attackers could also escape the context of the WS_FTP Server file structure and perform the same level of operations (delete, rename, rmdir, mkdir) on file and folder locations on the underlying operating system.

The post Admins urged to quickly patch holes in WS_FTP file transfer server first appeared on IT World Canada.
Howard Solomon
Howard Solomonhttps://www.itworldcanada.com
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times.

SUBSCRIBE NOW

Related articles

Costs from Global CrowdStrike Outage Could Exceed $1 Billion

The global tech outage caused by a faulty CrowdStrike update on Friday could result in damages exceeding $1...

CrowdStrike update: Warnings from national cyber agencies, repair options from Microsoft

National cybersecurity agencies in the U.S., Canada, the U.K. and Australia issued security warnings about the faulty CrowdStrike...

CrowdStrike update causes global IT outages, fix is available

Some airlines, banks and government services around the world have been affected by a faulty software update for...

Charges dismissed in SolarWinds hacking case

A judge has dismissed most of the Securities and Exchange Commission's (SEC) fraud charges against SolarWinds related to...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways