cbcvebase.
CVE-2004-1884
published 2004-03-23

CVE-2004-1884: Ipswitch WS_FTP Server 4.0.2 has a backdoor XXSESS_MGRYY username with a default password, which allows remote attackers to gain access.

PriorityP341high7.5CVSS 2.0
AVNACLAuNCPIPAP
EPSS
5.80%
92.2th percentile
Ipswitch WS_FTP Server 4.0.2 has a backdoor XXSESS_MGRYY username with a default password, which allows remote attackers to gain access.

Affected

24 ranges
VendorProductVersion rangeFixed in
ipswitchws_ftp_pro
ipswitchws_ftp_pro
ipswitchws_ftp_pro
ipswitchws_ftp_pro
ipswitchws_ftp_server
ipswitchws_ftp_server
progressws_ftp_server
progressws_ftp_server
progressws_ftp_server
progressws_ftp_server
progressws_ftp_server
progressws_ftp_server
progressws_ftp_server
progressws_ftp_server
progressws_ftp_server
progressws_ftp_server
progressws_ftp_server
progressws_ftp_server
progressws_ftp_server
progressws_ftp_server
progressws_ftp_server
progressws_ftp_server
progressws_ftp_server
progressws_ftp_server
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.