Forum Discussion
Critical Vulnerability in Progress Software WS_FTP...
Critical Vulnerability in Progress Software WS_FTP Exploited in the Wild (CVE-2023-40044)
On September 27, Progress Software, published an advisory for several vulnerabilities in its WS_FTP Server secure file transfer solution including two critical flaws:
CVE-2023-40044, the most critical of the two, was assigned a CVSSv3 score of 10.0 by Progress Software. Two days after publishing its advisory, a public proof-of-concept (PoC) became available on the social media platform X (formerly known as Twitter). One day later, reports emerged of in-the-wild exploitation of this vulnerability.
For more information about these vulnerabilities, including the availability of patches and Tenable product coverage, please visit our blog.
5 Replies
Does tenable will publish a plugin IDs for CVE-2023-40044 (CVSS: 10), CVE-2023-42657 (CVSS 9.9), CVE-2023-40045 (CVSS 8.3)?
Hello @Pabel Delossantos,
Our plugin for these vulnerabilities are now available:
https://www.tenable.com/plugins/nessus/182521
Thanks,
Satnam
Excellent! thanks.!!!
