CVE-2022-27665
published 2023-04-03CVE-2022-27665: Reflected XSS (via AngularJS sandbox escape expressions) exists in Progress Ipswitch WS_FTP Server 8.6.0. This can lead to execution of malicious code and…
PriorityP341medium6.1CVSS 3.1
AVNACLPRNUIRSCCLILAN
EPSS
33.11%
98.2th percentile
Reflected XSS (via AngularJS sandbox escape expressions) exists in Progress Ipswitch WS_FTP Server 8.6.0. This can lead to execution of malicious code and commands on the client due to improper handling of user-provided input. By inputting malicious payloads in the subdirectory searchbar or Add folder filename boxes, it is possible to execute client-side commands. For example, there is Client-Side Template Injection via subFolderPath to the ThinClient/WtmApiService.asmx/GetFileSubTree URI.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| progress | ws_ftp_server | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Suricata
ET EXPLOIT WS_FTP Reflected XSS Payload Observed M1 (CVE-2022-27665)
suricata·2023-09-28·CVSS 6.1
CVE-2022-27665 [MEDIUM] ET EXPLOIT WS_FTP Reflected XSS Payload Observed M1 (CVE-2022-27665)
ET EXPLOIT WS_FTP Reflected XSS Payload Observed M1 (CVE-2022-27665)
Rule: alert http any any -> [$HOME_NET,$HTTP_SERVERS] any (msg:"ET EXPLOIT WS_FTP Reflected XSS Payload Observed M1 (CVE-2022-27665)"; flow:established,to_server; http.method; content:"POST"; http.uri; content:"/WtmApiService.asmx/GetFileSubTree"; http.request_body; content:"|22|subFolderPath|22 3a 22 7b 7b|"; fast_pattern; reference:cve,2022-27665; reference:url,github.com/dievus/CVE-2022-27665; classtype:attempted-admin; sid:2048317; rev:2; metadata:affected_product WS_FTP, attack_target Server, created_at 2023_09_28, cve CVE_2022_27665, deployment Perimeter, deployment Internal, confidence Medium, signature_severity Major, tag Exploit, updated_at 2024_06_23, reviewed_at 2023_09_28, mitre_tactic_id TA0001, mitre_tactic
No public exploits indexed.
Tenable
CVE-2023-40044, CVE-2023-42657: Progress Software Patches Multiple Vulnerabilities in WS_FTP Server
blogs_tenable·2023-10-02·CVSS 10.0
[CRITICAL] CVE-2023-40044, CVE-2023-42657: Progress Software Patches Multiple Vulnerabilities in WS_FTP Server
## Cloud Exposure
Tenable Cloud Security (CNAPP) Request a demo
Tenable Cloud Vulnerability Management Request a demo
Tenable CIEM Request a demo
Secure your cloud
## Vulnerability Exposure
Tenable Vulnerability Management Try for free
Tenable Security Center Request a demo
Tenable Web App Scanning Try for free
Tenable Patch Management Request a demo
Tenable Enclave Security Request a demo
Tenable Attack Surface Management Request a demo
Tenable Nessus Try for free
## AI Exposure
Tenable AI Exposure Request a demo
## OT/IoT Exposure
Tenable OT Security Request a demo
## Identity Exposure
Tenable Identity Exposure Request a demo
## Business needs
Active Directory
AI Security Posture Management (AI-SPM)
AWS security
Azure security
Cloud Security Posture Man
Huntress
Critical Vulnerabilities: WS_FTP Exploitation | Huntress
blogs_huntress·2023-10-02·CVSS 6.1
CVE-2023-40044 [MEDIUM] Critical Vulnerabilities: WS_FTP Exploitation | Huntress
On Thursday, September 28, 2023, software vendor Progress released a security advisory for numerous vulnerabilities affecting the WS_FTP Server Ad Hoc Transfer Module within their WS_FTP software.
These vulnerabilities were disclosed as:
CVE-2023-40044 (CVSS: 10)
CVE-2023-42657 (CVSS 9.9)
CVE-2023-40045 (CVSS 8.3)
CVE-2023-40046 (CVSS 8.2)
CVE-2023-40048 (CVSS 6.8)
CVE-2022-27665 (CVSS 6.1)
CVE-2023-40049 (CVSS 5.3)
Most notable amongst these were CVE-2023-40044 and CVE-2023-42657, both critical severity issues. Throughout this past weekend, the cybersecurity industry has been chasing CVE-2023-40044 specifically.
## What We Know So Far
As disclosed by Progress , CVE-2023-40044 is the critical (CVSS: 10) remote code execution vulnerability that does not require authentication.
F
Huntress
Critical Vulnerabilities: WS_FTP Exploitation | Huntress
blogs_huntress·CVSS 6.1
CVE-2023-40044 [MEDIUM] Critical Vulnerabilities: WS_FTP Exploitation | Huntress
On Thursday, September 28, 2023, software vendor Progress released a security advisory for numerous vulnerabilities affecting the WS_FTP Server Ad Hoc Transfer Module within their WS_FTP software.
These vulnerabilities were disclosed as:
- CVE-2023-40044 (CVSS: 10)
- CVE-2023-42657 (CVSS 9.9)
- CVE-2023-40045 (CVSS 8.3)
- CVE-2023-40046 (CVSS 8.2)
- CVE-2023-40048 (CVSS 6.8)
- CVE-2022-27665 (CVSS 6.1)
- CVE-2023-40049 (CVSS 5.3)
Most notable amongst these were CVE-2023-40044 and CVE-2023-42657, both critical severity issues. Throughout this past weekend, the cybersecurity industry has been chasing CVE-2023-40044 specifically.
## What We Know So Far
As disclosed by Progress, CVE-2023-40044 is the critical (CVSS: 10) remote code execution vulnerability that does not require authenticat
https://community.progress.com/s/article/WS-FTP-Server-Critical-Vulnerability-September-2023https://docs.ipswitch.com/WS_FTP_Server2020/ReleaseNotes/index.htmhttps://github.com/dievus/CVE-2022-27665https://community.progress.com/s/article/WS-FTP-Server-Critical-Vulnerability-September-2023https://docs.ipswitch.com/WS_FTP_Server2020/ReleaseNotes/index.htmhttps://github.com/dievus/CVE-2022-27665
2023-04-03
Published