Fortra has released details of a now-patched critical security flaw impacting its FileCatalyst file transfer solution that could allow unauthenticated attackers to gain remote code execution on susceptible servers.
Tracked as CVE-2024-25153, the shortcoming carries a CVSS score of 9.8 out of a maximum of 10.
“A directory traversal within the ‘ftpservlet’ of the FileCatalyst Workflow Web Portal allows files to be uploaded outside of the intended ‘uploadtemp’ directory with a specially crafted POST request,” the company said in an advisory last week.
“In situations where a file is successfully uploaded to web portal’s DocumentRoot, specially crafted JSP files could be used to execute code, including web shells.”
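The class of check that keeps an upload inside its intended directory, as an added example for Java servlet code; it is not Fortra's code or its fix. The class name `UploadPathGuard`, the directory layout and the sample names are assumptions made for illustration.

```java
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.Path;
import java.util.Locale;

public class UploadPathGuard {
    private final Path root; // canonical upload directory (hypothetical location)

    public UploadPathGuard(Path uploadDir) throws IOException {
        Files.createDirectories(uploadDir);
        this.root = uploadDir.toRealPath(); // resolve symlinks once, up front
    }

    /** Map a client-supplied name to a path under root, or throw SecurityException. */
    public Path resolve(String name) throws IOException {
        // Backslashes are refused outright so behaviour is the same on every OS.
        if (name == null || name.isEmpty() || name.indexOf('\0') >= 0 || name.indexOf('\\') >= 0) {
            throw new SecurityException("malformed name");
        }
        // normalize() collapses "." and ".." lexically; an absolute name replaces root entirely.
        Path target = root.resolve(name).normalize();
        if (target.equals(root) || !target.startsWith(root)) {
            throw new SecurityException("escapes upload directory");
        }
        // A symlinked subdirectory can still point outside, so re-check the real parent.
        Path parent = target.getParent();
        if (Files.exists(parent) && !parent.toRealPath().startsWith(root)) {
            throw new SecurityException("symlink escapes upload directory");
        }
        // Defense in depth: never store files the servlet container would execute.
        String lower = target.getFileName().toString().toLowerCase(Locale.ROOT);
        if (lower.endsWith(".jsp") || lower.endsWith(".jspx")) {
            throw new SecurityException("server-executable extension");
        }
        return target;
    }

    public static void main(String[] args) throws IOException {
        UploadPathGuard guard = new UploadPathGuard(Files.createTempDirectory("demo").resolve("uploadtemp"));
        // Constructed sample names, not taken from any real request.
        String[] samples = {"report.pdf", "batch1/data.csv", "../outside.txt",
                            "batch1/../../outside.txt", "/tmp/outside.txt", "page.jsp"};
        for (String s : samples) {
            try {
                System.out.println("ACCEPT " + s + " -> " + guard.resolve(s));
            } catch (SecurityException e) {
                System.out.println("REJECT " + s + " (" + e.getMessage() + ")");
            }
        }
    }
}
```

`Path.startsWith` compares whole path elements, so a sibling directory such as `uploadtemp2` does not pass the way it would with a string-prefix comparison.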
The vulnerability, the company said, was first reported on August 9, 2023, and addressed two days later in FileCatalyst Workflow version 5.1.6 Build 114 without a CVE identifier. Fortra was authorized as a CVE Numbering Authority (CNA) in early December 2023.
Security researcher Tom Wedgbury of LRQA Nettitude has been credited with discovering and reporting the flaw. The company has since released a full proof-of-concept (PoC) exploit, describing how the flaw could be weaponized to upload a web shell and execute arbitrary system commands.
Also resolved by Fortra in January 2024 are two other security vulnerabilities in FileCatalyst Direct (CVE-2024-25154 and CVE-2024-25155) that could lead to information leakage and code execution.
With previously disclosed flaws in Fortra GoAnywhere managed file transfer (MFT) coming under heavy exploitation last year by threat actors like Cl0p, it's recommended that users apply the necessary updates to mitigate potential threats.