Critical Vulnerabilities in WS_FTP Server

On September 27, 2023, Progress Software published a security advisory on multiple vulnerabilities affecting WS_FTP Server, a secure file transfer solution. There are a number of vulnerabilities in the advisory, two of which are critical (CVE-2023-40044 and CVE-2023-42657).

Rapid7 is not aware of any exploitation in the wild as

advisory aware critical critical vulnerabilities cve emergent threat response exploitation file file transfer progress progress software rapid7 security security advisory september server software solution transfer vulnerabilities vulnerability risk management ws_ftp