← ExploitWatch
HomeExploited Vulnerabilities

CVE-2023-40044 — Actively Exploited: WS_FTP Server (Progress)

Progress WS_FTP Server contains a deserialization of untrusted data vulnerability in the Ad Hoc Transfer module that allows an authenticated attacker to execute remote commands on the underlying operating system.

CVE IDCVE-2023-40044
VendorProgress
ProductWS_FTP Server
Vulnerability nameProgress WS_FTP Server Deserialization of Untrusted Data Vulnerability
Date added2023-10-05
Remediation due2023-10-26
Known ransomware useKnown
Required actionApply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
DescriptionProgress WS_FTP Server contains a deserialization of untrusted data vulnerability in the Ad Hoc Transfer module that allows an authenticated attacker to execute remote commands on the underlying operating system.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →