cbcvebase.
CVE-2024-5805
published 2024-06-25

CVE-2024-5805: Improper Authentication vulnerability in Progress MOVEit Gateway (SFTP modules) allows Authentication Bypass.This issue affects MOVEit Gateway: 2024.0.0.

PriorityP266critical9.1CVSS 3.1
AVNACLPRNUINSUCHIHAN
EPSS
7.55%
93.8th percentile
Improper Authentication vulnerability in Progress MOVEit Gateway (SFTP modules) allows Authentication Bypass.This issue affects MOVEit Gateway: 2024.0.0.

Affected

2 ranges
VendorProductVersion rangeFixed in
progressmoveit_gateway
progressmoveit_gateway>= 2024.0.0 < 2024.0.12024.0.1

Detection & IOCsextracted from sources · hover to see the quote

  • Check Point IPS signature available for related MOVEit Transfer Authentication Bypass vulnerability (CVE-2024-5806), which was disclosed alongside CVE-2024-5805 and shares the same attack surface (MOVEit SFTP modules)
  • ·CVE-2024-5805 affects only MOVEit Gateway version 2024.0.0 (SFTP module); scope is limited to this single version
  • ·A public proof-of-concept (PoC) exploit exists for the closely related CVE-2024-5806 (MOVEit Transfer SFTP Authentication Bypass), which was disclosed at the same time as CVE-2024-5805; defenders should treat exploitation risk as elevated
  • ·Both CVE-2024-5805 and CVE-2024-5806 affect the SFTP service/feature and could allow unauthorized access and potential credential theft; vendor patches are available and urgently recommended
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.