CVE-2023-40044 — Actively Exploited: WS_FTP Server (Progress)
Progress WS_FTP Server contains a deserialization of untrusted data vulnerability in the Ad Hoc Transfer module that allows an authenticated attacker to execute remote commands on the underlying operating system.
| CVE ID | CVE-2023-40044 |
|---|---|
| Vendor | Progress |
| Product | WS_FTP Server |
| Vulnerability name | Progress WS_FTP Server Deserialization of Untrusted Data Vulnerability |
| Date added | 2023-10-05 |
| Remediation due | 2023-10-26 |
| Known ransomware use | Known |
| Required action | Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable. |
| Description | Progress WS_FTP Server contains a deserialization of untrusted data vulnerability in the Ad Hoc Transfer module that allows an authenticated attacker to execute remote commands on the underlying operating system. |
| Source | CISA Known Exploited Vulnerabilities |
🔍 Search all exploited vulnerabilities →
$1499/mo
Try ExploitWatch →