CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7745 – Multi-Factor Authentication Bypass in Progress WS_FTP Server
https://notcve.org/view.php?id=CVE-2024-7745
In WS_FTP Server versions before 8.8.8 (2022.0.8), a Missing Critical Step in Multi-Factor Authentication of the Web Transfer Module allows users to skip the second-factor verification and log in with username and password only. • https://community.progress.com/s/article/WS-FTP-Server-Service-Pack-August-2024 https://www.progress.com/ftp-server • CWE-290: Authentication Bypass by Spoofing CWE-304: Missing Critical Step in Authentication •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7744 – Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in Progress WS_FTP Server
https://notcve.org/view.php?id=CVE-2024-7744
In WS_FTP Server versions before 8.8.8 (2022.0.8), an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in the Web Transfer Module allows File Discovery, Probe System Files, User-Controlled Filename, Path Traversal. An authenticated file download flaw has been identified where a user can craft an API call that allows them to download a file from an arbitrary folder on the drive where that user host's root folder is located (by default this is C:) This vulnerability allows remote attackers to disclose sensitive information on affected installations of Progress Software WS_FTP. Authentication is required to exploit this vulnerability. The specific flaw exists within the FileHandler module. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose information in the context of NETWORK SERVICE. • https://community.progress.com/s/article/WS-FTP-Server-Service-Pack-August-2024 https://www.progress.com/ftp-server • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-73: External Control of File Name or Path •
CVSS: 9.1EPSS: 0%CPEs: 2EXPL: 0CVE-2023-42659 – WS_FTP Server Arbitrary File Upload
https://notcve.org/view.php?id=CVE-2023-42659
In WS_FTP Server versions prior to 8.7.6 and 8.8.4, an unrestricted file upload flaw has been identified. An authenticated Ad Hoc Transfer user has the ability to craft an API call which allows them to upload a file to a specified location on the underlying operating system hosting the WS_FTP Server application. WS_FTP Server en las versiones anteriores a 8.7.6 y 8.8.4, se identificó una falla en la carga de archivos sin restricciones. Un usuario autenticado de Ad Hoc Transfer tiene la capacidad de crear una llamada API que le permite cargar un archivo en una ubicación específica en el sistema operativo subyacente que aloja la aplicación del servidor WS_FTP. • https://community.progress.com/s/article/WS-FTP-Server-Service-Pack-November-2023 https://www.progress.com/ws_ftp • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-40049 – WS_FTP Server Information Disclosure via Directory Listing
https://notcve.org/view.php?id=CVE-2023-40049
In WS_FTP Server version prior to 8.8.2, an unauthenticated user could enumerate files under the 'WebServiceHost' directory listing. En la versión del servidor WS_FTP anterior a la 8.8.2, un usuario no autenticado podía enumerar archivos en la lista del directorio 'WebServiceHost'. • https://community.progress.com/s/article/WS-FTP-Server-Critical-Vulnerability-September-2023 https://www.progress.com/ws_ftp • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-40048 – WS_FTP Server Cross-Site Request Forgery (CSRF) Vulnerability
https://notcve.org/view.php?id=CVE-2023-40048
In WS_FTP Server version prior to 8.8.2, the WS_FTP Server Manager interface was missing cross-site request forgery (CSRF) protection on a POST transaction corresponding to a WS_FTP Server administrative function. En la versión del servidor WS_FTP anterior a la 8.8.2, a la interfaz del Administrador del servidor WS_FTP le faltaba protección contra Cross-Site Reuqest Forgery (CSRF) en una transacción POST correspondiente a una función administrativa del servidor WS_FTP. • https://community.progress.com/s/article/WS-FTP-Server-Critical-Vulnerability-September-2023 https://www.progress.com/ws_ftp • CWE-352: Cross-Site Request Forgery (CSRF) •