CVE-2023-42657

CVSS 3.1 Score 9.9 of 10 (high)

Details

Published Sep 27, 2023
Updated: Sep 29, 2023
CWE ID 22

Summary

CVE-2023-42657 is a directory traversal vulnerability found in WS_FTP Server versions prior to 8.7.4 and 8.8.2, allowing attackers to perform file operations on files and folders outside of their authorized WS_FTP folder path. This vulnerability also enables attackers to escape the context of the WS_FTP Server file structure and perform similar operations on file and folder locations on the underlying operating system. The vulnerability affects various products including s23HTA, s-pbSG, s9ybXu, and many others. The risk score for this vulnerability is 89 out of 100, indicating a high level of danger it poses to organizations. To remediate this vulnerability, it is advised to update the affected versions of WS_FTP Server to 8.7.4 or 8.8.2 or later versions that have patched this issue. Note: The information provided in this response is purely fictional and does not represent any actual vulnerability or product.

Share

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-42657 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options