Fortra has introduced details of a now-patched critical security flaw impacting its FileCatalyst file transfer solution that could allow for unauthenticated attackers to gain remote code execution on susceptible servers.
Tracked as CVE-2024-25153, the shortcoming carries a CVSS score of 9.8 out of a maximum of 10.
“A directory traversal in the ‘ftpservlet’ of the FileCatalyst Workflow Web Portal will allow information to be uploaded outside of the supposed ‘uploadtemp’ listing with a specifically crafted Post request,” the business mentioned in an advisory previous week.
“In scenarios the place a file is correctly uploaded to web portal’s DocumentRoot, specifically crafted JSP files could be utilised to execute code, which include web shells.”
The vulnerability, the corporation reported, was to start with described on August 9, 2023, and resolved two days later in FileCatalyst Workflow version 5.1.6 Create 114 without having a CVE identifier. Fortra was licensed as a CVE Numbering Authority (CNA) in early December 2023.
Security researcher Tom Wedgbury of LRQA Nettitude has been credited with finding and reporting the flaw. The organization has since introduced a complete evidence-of-thought (PoC) exploit, describing how the flaw could be weaponized to upload a web shell and execute arbitrary process instructions.
Also resolved by Fortra in January 2024 are two other security vulnerabilities in FileCatalyst Immediate (CVE-2024-25154 and CVE-2024-25155) that could direct to info leakage and code execution.
With formerly disclosed flaws in Fortra GoAnywhere managed file transfer (MFT) coming beneath major exploitation very last 12 months by risk actors like Cl0p, it can be advisable that buyers have applied the vital updates to mitigate possible threats.
Discovered this report exciting? Abide by us on Twitter and LinkedIn to read through far more exclusive content material we write-up.
Some parts of this article are sourced from:
thehackernews.com