Fortra has launched particulars of a now-patched crucial safety flaw impacting its FileCatalyst file switch resolution that would enable unauthenticated attackers to realize distant code execution on inclined servers.
Tracked as CVE-2024-25153, the shortcoming carries a CVSS rating of 9.8 out of a most of 10.
“A listing traversal throughout the ‘ftpservlet’ of the FileCatalyst Workflow Internet Portal permits information to be uploaded outdoors of the supposed ‘uploadtemp’ listing with a specifically crafted POST request,” the corporate stated in an advisory final week.
“In conditions the place a file is efficiently uploaded to net portal’s DocumentRoot, specifically crafted JSP information may very well be used to execute code, together with net shells.”
The vulnerability, the corporate stated, was first reported on August 9, 2023, and addressed two days later in FileCatalyst Workflow model 5.1.6 Construct 114 and not using a CVE identifier. Fortra was approved as a CVE Numbering Authority (CNA) in early December 2023.
Safety researcher Tom Wedgbury of LRQA Nettitude has been credited with discovering and reporting the flaw. The corporate has since launched a full proof-of-concept (PoC) exploit, describing how the flaw may very well be weaponized to add an internet shell and execute arbitrary system instructions.
Additionally resolved by Fortra in January 2024 are two different safety vulnerabilities in FileCatalyst Direct (CVE-2024-25154 and CVE-2024-25155) that would result in info leakage and code execution.
With beforehand disclosed flaws in Fortra GoAnywhere managed file switch (MFT) coming below heavy exploitation final 12 months by menace actors like Cl0p, it is really helpful that customers have utilized the mandatory updates to mitigate potential threats.
