Scripter Nov 12, 2023
Angreifer können durch kritische Lücke in WS_FTP Systeme kompromittieren | heise online
https://heise.de/-9357127 #WS_FTP #Sicherheitslücke
Kritische Sicherheitslücke in WS_FTP erlaubt Datei-Upload an beliebige Stellen

Angreifer können in WS_FTP Dateien an beliebige Stellen des Server-Dateisystems hochladen. Ein Update zur Fehlerkorrektur steht bereit.

heise online
Geeky Malcölm 🇨🇦Oct 3, 2023

Security researchers believe mass exploitation attempts against #WS_FTP have begun

https://www.theregister.com/2023/10/02/ws_ftp_update/

Security researchers believe mass exploitation attempts against WS_FTP have begun

Early signs emerge after Progress Software said there were no active attempts last week

The Register
ottotoOct 3, 2023

「セキュリティ研究者は、 #WS_FTP に対する大規模な悪用の試みが始まっていると考えています 」: The Register

#Progress は 水曜日、WS_FTP の 8 つの個別の #脆弱性 に対する 修正をリリースしました 。その中には、CVSS 重大度スケールで最大スコア 10 と評価された脆弱性も含まれています。 」

https://www.theregister.com/2023/10/02/ws_ftp_update/

#prattohome #TheResister

Security researchers believe mass exploitation attempts against WS_FTP have begun

Early signs emerge after Progress Software said there were no active attempts last week

The Register
BmixedOct 2, 2023
#cybersecurity #exploit #ws_ftp
Mass exploitation attempts against WS_FTP have begun • The Register
https://www.theregister.com/2023/10/02/ws_ftp_update/
Security researchers believe mass exploitation attempts against WS_FTP have begun

Early signs emerge after Progress Software said there were no active attempts last week

The Register
Taylor ParizoOct 2, 2023
Neat, a Velociraptor artifact for detecting #WS_FTP
https://docs.velociraptor.app/exchange/artifacts/pages/ws_ftp/
Windows.Detection.WS_FTP :: Velociraptor - Digging deeper!

🛡 [email protected]/:~# Oct 2, 2023

"🚨 Critical Vulnerabilities Unearthed in WS_FTP Server by Progress Software 🚨"

Progress Software has issued a warning regarding multiple critical vulnerabilities found in its WS_FTP Server. The vulnerabilities span a range of issues including .NET deserialization, directory traversal, SQL injection, and cross-site scripting, with severity scores ranging from 5.3 (Medium) to a whopping 10.0 (Critical). The most severe among them, CVE-2023-40044 and CVE-2023-42657, could potentially allow attackers to execute remote commands on the WS_FTP Server operating system and perform unauthorized file operations respectively. Progress has rolled out patches to address these vulnerabilities, urging users to upgrade to the latest version, 8.8.2, to safeguard against exploitation.

The article is penned by Eswar on October 2, 2023, who is known for his engaging cybersecurity content. This discovery sheds light on the importance of regular security audits and timely patch management to thwart potential cyber threats. 🛡️🔐

Source: GBHackers

Tags: #CyberSecurity #Vulnerability #WS_FTP #ProgressSoftware #PatchManagement #InfoSec #CVE202340044 #CVE202342657

Progress Software Warns of Critical Vulnerability in WS_FTP Server

Multiple vulnerabilities have been discovered in Progress’s WS_FTP which include .NET deserialization, directory traversal, reflected cross-site scripting (XSS), SQL injection, stored cross-site scripting

GBHackers - Latest Cyber Security News | Hacker News
Caitlin CondonOct 1, 2023
Blog on #WS_FTP Server updated with attacker behavior Rapid7 IR folks are seeing tonight. Multiple instances of exploitation in the wild all within minutes of one another, all with the same behavior. https://www.rapid7.com/blog/post/2023/09/29/etr-critical-vulnerabilities-in-ws_ftp-server/
Critical Vulnerabilities in WS_FTP Server | Rapid7 Blog

Rapid7
Caitlin CondonOct 1, 2023
Our MDR squad is looking at what appears to be #WS_FTP Server exploitation in the wild. Not surprising. https://www.rapid7.com/blog/post/2023/09/29/etr-critical-vulnerabilities-in-ws_ftp-server/
Critical Vulnerabilities in WS_FTP Server | Rapid7 Blog

Rapid7
RF WaveSep 30, 2023

Progress has released software updates to address eight vulnerabilities in its WS_FTP Server software that could lead to remote code execution. Vulnerabilities include deserialization, directory traversal, XSS, SQL injection, CSRF and authentication bypass. WS_FTP Server versions before 8.7.4 and 8.8.2 are affected. Users are advised to update ASAP.

#cybersecurity #progress #ws_ftp

https://thehackernews.com/2023/09/progress-software-releases-urgent.html

Progress Software Releases Urgent Hotfixes for Multiple Security Flaws in WS_FTP Server

Progress Software releases hotfixes for critical CVE-2023-40044 and 7 other vulnerabilities in WS_FTP Server

The Hacker News
mle✨Sep 29, 2023

Progress Software is having an interesting time. First #MOVEit, now multiple #vulnerability disclosures for their #WS_FTP product. The silver lining here is that it doesn’t look like any of these are known to have been exploited in the wild. (Yet?)

But out of curiosity, we looked at the Internet exposure of WS_FTP instances with the Ad Hoc Transfer module installed, read about it here ⬇️

#infosec #securityResearch #CensysResearch #MFT (No, this isn’t MFT but it all feels very…related.)

https://censys.com/cve-2023-40044/

CVE-2023-40044: A Look at the Critical Ad Hoc Transfer Module Vulnerability in WS_FTP

Examining the Internet footprint of WS_FTP services using the critically vulnerable Ad Hoc Transfer module.

Censys