In WS_FTP Server versions prior to 8.7.4 and 8.8.2, a pre-authenticated attacker could leverage a .NET deserialization vulnerability in the Ad Hoc Transfer module to execute remote commands on the underlying WS_FTP Server operating system.
| Capability ID | Capability Description | Mapping Type | ATT&CK ID | ATT&CK Name | Notes |
|---|---|---|---|---|---|
| CVE-2023-40044 | Progress WS_FTP Server Deserialization of Untrusted Data Vulnerability | secondary_impact | T1202 | Indirect Command Execution |
Comments
Zero-day .NET deserialization vulnerability that allows an adversary to make an HTTP POST request to a vulnerable WS_FTP Server and execute commands.
References
|
| CVE-2023-40044 | Progress WS_FTP Server Deserialization of Untrusted Data Vulnerability | primary_impact | T1071.002 | File Transfer Protocols |
Comments
Zero-day .NET deserialization vulnerability that allows an adversary to make an HTTP POST request to a vulnerable WS_FTP Server and execute commands.
References
|
| CVE-2023-40044 | Progress WS_FTP Server Deserialization of Untrusted Data Vulnerability | exploitation_technique | T1059 | Command and Scripting Interpreter |
Comments
Zero-day .NET deserialization vulnerability that allows an adversary to make an HTTP POST request to a vulnerable WS_FTP Server and execute commands.
References
|