Описание
In WS_FTP Server versions prior to 8.7.4 and 8.8.2, a pre-authenticated attacker could leverage a .NET deserialization vulnerability in the Ad Hoc Transfer module to execute remote commands on the underlying WS_FTP Server operating system.
Ссылки
- ExploitThird Party AdvisoryVDB Entry
- Third Party Advisory
- Third Party Advisory
- Vendor Advisory
- ExploitThird Party Advisory
- Product
- Broken LinkThird Party Advisory
- Press/Media CoverageThird Party Advisory
- ExploitThird Party AdvisoryVDB Entry
- Third Party Advisory
- Third Party Advisory
- Vendor Advisory
- ExploitThird Party Advisory
- Product
- Broken LinkThird Party Advisory
- Press/Media CoverageThird Party Advisory
- US Government Resource
Уязвимые конфигурации
Одно из
EPSS
10 Critical
CVSS3
8.8 High
CVSS3
Дефекты
Связанные уязвимости
In WS_FTP Server version 8.7.0 prior to 8.7.4 and version 8.8.0 prior to 8.8.2, a pre-authenticated attacker could leverage a .NET deserialization vulnerability in the Ad Hoc Transfer module to execute remote commands on the underlying WS_FTP Server operating system.
Уязвимость модуля Ad hoc Transfer Module сервера WS_FTP Server, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации
EPSS
10 Critical
CVSS3
8.8 High
CVSS3