Progress Software has released patches for critical file transfer bugs in its WS_FTP product. Thousands of customers worldwide may be affected. One of the vulnerabilities, CVE-2023-40044, allows a pre-authenticated attacker to execute remote commands on the underlying operating system. Another critical bug, CVE-2023-42657, enables an attacker to perform file operations outside of their authorized folder path. Immediate attention and mitigation steps are advised. #ProgressSoftware #filetransferbugs #WS_FTP #vulnerabilities #patching

https://www.infosecurity-magazine.com/news/moveit-patches-critical-file/