In WS_FTP Server versions prior to 8.7.4 and 8.8.2, a directory traversal vulnerability was discovered. An attacker could leverage this vulnerability to perform file operations (delete, rename, rmdir, mkdir) on files and folders outside of their authorized WS_FTP folder path. Attackers could also escape the context of the WS_FTP Server file structure and perform the same level of operations (delete, rename, rmdir, mkdir) on file and folder locations on the underlying operating system.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: ProgressSoftware
Published: 2023-09-27T14:49:03.093Z
Updated: 2024-08-02T19:23:40.363Z
Reserved: 2023-09-12T13:30:29.571Z
Link: CVE-2023-42657
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2023-09-27T15:19:32.983
Modified: 2023-09-29T14:34:24.630
Link: CVE-2023-42657
Redhat
No data.