CVE-2023-42659: Critical Vulnerability Discovered in Progress WS_FTP Server

CVE-2023-42659 & CVE-2024-8015

In a recent cybersecurity alert, Progress Software, the developer of the MOVEit Transfer file-sharing platform, has urged its customers to immediately patch a critical vulnerability in its WS_FTP Server software. This vulnerability, identified as CVE-2023-42659 and carrying a CVSS score of 9.1, allows authenticated Ad Hoc Transfer users to upload files to arbitrary locations on the underlying operating system hosting the WS_FTP Server application. This potentially devastating vulnerability could grant attackers unrestricted access to sensitive data and compromise entire systems.

CVE-2023-42659

WS_FTP Server is a widely used enterprise-grade file transfer software, employed by thousands of IT teams worldwide. The CVE-2023-42659 vulnerability affects versions before 8.7.6 and 8.8.4, leaving a significant number of installations exposed to potential exploitation.

“In WS_FTP Server versions prior to 8.7.6 and 8.8.4, an unrestricted file upload flaw has been identified. An authenticated Ad Hoc Transfer user has the ability to craft an API call which allows them to upload a file to a specified location on the underlying operating system hosting the WS_FTP Server application,” Progress said.

Progress Software has emphasized that upgrading to a patched release is the only way to effectively remediate this vulnerability. However, users should be aware that the upgrade process will temporarily halt the WS_FTP Server service, causing a brief outage.

To minimize the disruption caused by the upgrade, it is advisable to schedule the update during a period of low system usage. Additionally, it is crucial to create a full backup of the WS_FTP Server configuration before proceeding with the upgrade.

Organizations are strongly advised to prioritize this vulnerability and take immediate action to upgrade their WS_FTP Server installations to the patched versions. By promptly addressing this critical flaw, organizations can safeguard their systems and sensitive data from potential exploitation.