all InfoSec news
CVE-2024-25153: Remote Code Execution in Fortra FileCatalyst
Malware Analysis, News and Indicators - Latest topics malware.news
CVE-2024-25153, a critical Unsafe File Upload and Directory Traversal vulnerability in Fortra FileCatalyst, allows a remote unauthenticated attacker to gain Remote Code Execution (RCE) on a web server. This affects Fortra FileCatalyst Workflow 5.x before 5.1.6 Build 114.
We have created a full proof-of-concept exploit for this vulnerability, which can be found at GitHub below.
GitHub: https://github.com/nettitude/CVE-2024-25153
Fortra FileCatalyst is an enterprise managed file transfer (MFT) solution which consists of several components – FileCatalyst Direct, Workflow, and Central. …
attacker build can code code execution concept critical cve directory directory traversal exploit file file upload forensics fortra found proof proof-of-concept rce remote code remote code execution server unauthenticated upload vulnerability web web server workflow