Start your day with intelligence. Get The OODA Daily Pulse.

Home > Briefs > Cyber > Live Exploitation Underscores Urgency to Patch Critical WS-FTP Server Flaw

Live Exploitation Underscores Urgency to Patch Critical WS-FTP Server Flaw

Vulnerability researchers at Rapid7 discovered threat actors targeting a pre-authentication flaw in Progress Software’s WS_FTB server. The attacks come just days after the company released security patches for the server product.

CVE-2023-40044 is a critical severity flaw that affects all WS_FTP Server versions prior to 8.7.4 and 8.8.2. Rapid7 researchers noted that attackers utilized the same Burp Suite domain across all exploit attempts, possibly indicating a single threat actor is behind the activity. Assetnote discovered that 3,000 hosts are still running outdated and exposed versions of WS_FTP. Many of the servers contain sensitive assets belonging to large companies and governments.

Read More:

https://www.securityweek.com/live-exploitation-underscores-urgency-to-patch-critical-ws-ftp-server-flaw/