1. Home
  2. Mapping Frameworks
  3. Known Exploited Vulnerabilities Home
  4. Progress WS_FTP Server Deserialization of Untrusted Data Vulnerability

Known Exploited Vulnerabilities CVE-2023-40044

In WS_FTP Server versions prior to 8.7.4 and 8.8.2, a pre-authenticated attacker could leverage a .NET deserialization vulnerability in the Ad Hoc Transfer module to execute remote commands on the underlying WS_FTP Server operating system.  

Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name Notes
CVE-2023-40044 Progress WS_FTP Server Deserialization of Untrusted Data Vulnerability secondary_impact T1202 Indirect Command Execution
Comments
Zero-day .NET deserialization vulnerability that allows an adversary to make an HTTP POST request to a vulnerable WS_FTP Server and execute commands.
References
  1. https://www.assetnote.io/resources/research/rce-in-progress-ws-ftp-ad-hoc-via-iis-http-modules-cve-2023-40044
  2. https://www.tenable.com/blog/cve-2023-40044-cve-2023-42657-progress-software-patches-multiple-vulnerabilities-in-ws-ftp
CVE-2023-40044 Progress WS_FTP Server Deserialization of Untrusted Data Vulnerability primary_impact T1071.002 File Transfer Protocols
Comments
Zero-day .NET deserialization vulnerability that allows an adversary to make an HTTP POST request to a vulnerable WS_FTP Server and execute commands.
References
  1. https://www.assetnote.io/resources/research/rce-in-progress-ws-ftp-ad-hoc-via-iis-http-modules-cve-2023-40044
  2. https://www.tenable.com/blog/cve-2023-40044-cve-2023-42657-progress-software-patches-multiple-vulnerabilities-in-ws-ftp
CVE-2023-40044 Progress WS_FTP Server Deserialization of Untrusted Data Vulnerability exploitation_technique T1059 Command and Scripting Interpreter
Comments
Zero-day .NET deserialization vulnerability that allows an adversary to make an HTTP POST request to a vulnerable WS_FTP Server and execute commands.
References
  1. https://www.assetnote.io/resources/research/rce-in-progress-ws-ftp-ad-hoc-via-iis-http-modules-cve-2023-40044
  2. https://www.tenable.com/blog/cve-2023-40044-cve-2023-42657-progress-software-patches-multiple-vulnerabilities-in-ws-ftp