WS_FTP Server Users Beware – Unrestricted File Upload Flaw Allows Remote Code Execution

CVECVE-2023-42659
CVSScvssV3_1: 9.1
SourceCVE-2023-42659

The popular FTP server software WS_FTP Server has been found to contain a vulnerability that allows authenticated users to upload files to arbitrary locations on the underlying system.

The vulnerability, tracked as CVE-2023-42659, receives a CVSS score of 9.1 out of 10 due to its ability to allow remote code execution. It exists in versions prior to 8.7.6 and 8.8.4 of WS_FTP Server.

By crafting a special API call, an authenticated Ad Hoc Transfer user can bypass intended access restrictions and upload files wherever they want on the server hosting WS_FTP. This could allow the uploading of malicious files, like executable scripts, that once executed would give the attacker full control of the compromised system.

If you are a user of WS_FTP Server, it is highly recommended to immediately update your installation to version 8.7.6 or higher to patch this vulnerability. You should also carefully review and restrict the permissions of any FTP user accounts. Monitoring your systems for unusual or suspicious activity is also advised. Taking prompt action will help prevent remote attackers from exploiting this flaw and gaining unauthorized access through uploaded malware.

References