CVSS 3.1 Score 8.8 of 10 (high)


Published Sep 27, 2023
Updated: Oct 13, 2023
CWE ID 502


CVE-2023-40044 is a high-severity vulnerability that affects WS_FTP Server versions prior to 8.7.4 and 8.8.2. The vulnerability allows a pre-authenticated attacker to exploit a .NET deserialization vulnerability in the Ad Hoc Transfer module, enabling them to execute remote commands on the underlying WS_FTP Server operating system. This vulnerability poses a potential danger to organizations using these affected versions of WS_FTP Server, as it can be leveraged by an attacker to gain unauthorized access and control over the system. To remediate this vulnerability, organizations should update their WS_FTP Server to version 8.7.4 or 8.8.2 or apply any available patches or security fixes provided by the vendor.


Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-40044 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options