all InfoSec news
Critical Flaw Patched in Progress File Transfer Server
Malware Analysis, News and Indicators - Latest topics malware.news
Progress Software, the maker of the MOVEit Transfer app that has been targeted by attackers for several months, is warning customers about a critical vulnerability in its WS_FTP Server product that can allow arbitrary remote code execution.
The vulnerability (CVE-2023-40044) is a deserialization bug in the Ad Hoc Transfer module in WS_FTP Server, a secure file transfer product. The flaw affects all versions of the server and can be exploited without authentication.
“In WS_FTP Server versions prior to 8.7.4 and …
app attackers bug code code execution critical critical flaw critical vulnerability customers cve deserialization file file transfer flaw moveit moveit transfer product progress progress software remote code remote code execution server software transfer vulnerability warning ws_ftp