CVE-2023-42659 – WS_FTP Server Arbitrary File Upload
https://notcve.org/view.php?id=CVE-2023-42659
In WS_FTP Server versions prior to 8.7.6 and 8.8.4, an unrestricted file upload flaw has been identified. An authenticated Ad Hoc Transfer user has the ability to craft an API call which allows them to upload a file to a specified location on the underlying operating system hosting the WS_FTP Server application. WS_FTP Server en las versiones anteriores a 8.7.6 y 8.8.4, se identificó una falla en la carga de archivos sin restricciones. Un usuario autenticado de Ad Hoc Transfer tiene la capacidad de crear una llamada API que le permite cargar un archivo en una ubicación específica en el sistema operativo subyacente que aloja la aplicación del servidor WS_FTP. • https://community.progress.com/s/article/WS-FTP-Server-Service-Pack-November-2023 https://www.progress.com/ws_ftp • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVE-2023-40049 – WS_FTP Server Information Disclosure via Directory Listing
https://notcve.org/view.php?id=CVE-2023-40049
In WS_FTP Server version prior to 8.8.2, an unauthenticated user could enumerate files under the 'WebServiceHost' directory listing. En la versión del servidor WS_FTP anterior a la 8.8.2, un usuario no autenticado podía enumerar archivos en la lista del directorio 'WebServiceHost'. • https://community.progress.com/s/article/WS-FTP-Server-Critical-Vulnerability-September-2023 https://www.progress.com/ws_ftp • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2023-40048 – WS_FTP Server Cross-Site Request Forgery (CSRF) Vulnerability
https://notcve.org/view.php?id=CVE-2023-40048
In WS_FTP Server version prior to 8.8.2, the WS_FTP Server Manager interface was missing cross-site request forgery (CSRF) protection on a POST transaction corresponding to a WS_FTP Server administrative function. En la versión del servidor WS_FTP anterior a la 8.8.2, a la interfaz del Administrador del servidor WS_FTP le faltaba protección contra Cross-Site Reuqest Forgery (CSRF) en una transacción POST correspondiente a una función administrativa del servidor WS_FTP. • https://community.progress.com/s/article/WS-FTP-Server-Critical-Vulnerability-September-2023 https://www.progress.com/ws_ftp • CWE-352: Cross-Site Request Forgery (CSRF) •
CVE-2023-40047 – WS_FTP Server Stored Cross-Site Scripting Vulnerability
https://notcve.org/view.php?id=CVE-2023-40047
In WS_FTP Server version prior to 8.8.2, a stored cross-site scripting (XSS) vulnerability exists in WS_FTP Server's Management module. An attacker with administrative privileges could import a SSL certificate with malicious attributes containing cross-site scripting payloads. Once the cross-site scripting payload is successfully stored, an attacker could leverage this vulnerability to target WS_FTP Server admins with a specialized payload which results in the execution of malicious JavaScript within the context of the victims browser. En la versión del servidor WS_FTP anterior a la 8.8.2, existe una vulnerabilidad de Cross-Site Scripting (XSS) almacenada en el módulo de administración del servidor WS_FTP. Un atacante con privilegios administrativos podría importar un certificado SSL con atributos maliciosos que contengan payloads de Cross-Site Scripting. • https://community.progress.com/s/article/WS-FTP-Server-Critical-Vulnerability-September-2023 https://www.progress.com/ws_ftp • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2023-40046 – WS_FTP Server SQL Injection via Administrative Interface
https://notcve.org/view.php?id=CVE-2023-40046
In WS_FTP Server versions prior to 8.7.4 and 8.8.2, a SQL injection vulnerability exists in the WS_FTP Server manager interface. An attacker may be able to infer information about the structure and contents of the database and execute SQL statements that alter or delete database elements. En las versiones del servidor WS_FTP anteriores a 8.7.4 y 8.8.2, existe una vulnerabilidad de inyección SQL en la interfaz del administrador del servidor WS_FTP. Un atacante puede inferir información sobre la estructura y el contenido de la base de datos, y ejecutar declaraciones SQL que alteren o eliminen elementos de la base de datos. • https://community.progress.com/s/article/WS-FTP-Server-Critical-Vulnerability-September-2023 https://www.progress.com/ws_ftp • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •