PT-2023-28488 · Ipswitch · Ws Ftp Server
Published
2023-11-07
·
Updated
2023-11-14
·
CVE-2023-42659
CVSS v3.1
9.1
Critical
| Vector | AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:L |
Name of the Vulnerable Software and Affected Versions
WS FTP Server versions prior to 8.7.6
WS FTP Server versions prior to 8.8.4
Description
An issue has been identified in WS FTP Server where an authenticated Ad Hoc Transfer user can upload a file to a specified location on the underlying operating system. This is due to an unrestricted file upload flaw.
Recommendations
For versions prior to 8.7.6, update to version 8.7.6 or later.
For versions prior to 8.8.4, update to version 8.8.4 or later.
Fix
Unrestricted File Upload
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ws Ftp Server