module
Progress Software WS_FTP Unauthenticated Remote Code Execution
| Disclosed |
|---|
| Sep 27, 2023 |
Disclosed
Sep 27, 2023
Description
This module exploits an unsafe .NET deserialization vulnerability to achieve unauthenticated remote code
execution against a vulnerable WS_FTP server running the Ad Hoc Transfer module. All versions of WS_FTP Server
prior to 2020.0.4 (version 8.7.4) and 2022.0.2 (version 8.8.2) are vulnerable to this issue. The vulnerability
was originally discovered by AssetNote.
execution against a vulnerable WS_FTP server running the Ad Hoc Transfer module. All versions of WS_FTP Server
prior to 2020.0.4 (version 8.7.4) and 2022.0.2 (version 8.8.2) are vulnerable to this issue. The vulnerability
was originally discovered by AssetNote.
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.