Fortra recently addressed a critical Remote Code Execution (RCE) vulnerability in its FileCatalyst software, specifically affecting the FileCatalyst Workflow Web Portal [2].
Description
Identified as CVE-2024-25153 [1] [2] [7] [8], this flaw allows unauthenticated attackers to gain remote code execution on vulnerable servers by exploiting a directory traversal issue within the ‘ftpservlet’ component [1]. Attackers can upload files outside the designated directory through a specially crafted POST request [2] [9], potentially leading to the execution of code [1] [2] [9], including web shells [1] [4] [6] [9], on the server [2]. This vulnerability, with a high CVSS score of 9.8, has been categorized as critical. Fortra has released an update for FileCatalyst Workflow (version 5.1.6 Build 114 or higher) to address this issue and mitigate the associated risks [2]. Additionally, FileCatalyst Direct is also susceptible to the same exploit [8]. The vulnerability was patched in August 2023 [9], and Fortra [1] [2] [5] [6] [7], now a CVE Numbering Authority [3], coordinated its disclosure in March 2024 [3]. LRQA Nettitude’s proof-of-concept exploit demonstrates how an attacker can upload a command shell to execute OS commands [8], potentially resulting in data breaches or injection of malicious code [8]. It is recommended to upgrade to version 5.1.6 Build 114 or higher to mitigate this vulnerability.
Conclusion
This vulnerability poses significant risks to servers running FileCatalyst software, potentially leading to data breaches or the injection of malicious code [8]. It is crucial for users to update to version 5.1.6 Build 114 or higher to protect against this exploit and safeguard their systems from potential attacks in the future.
References
[1] https://vulners.com/thn/THN:64F9031DB04E714CF10F0FFF3243CD62
[2] https://cybersecuritynews.com/vulnerability-in-fortra-filecatalyst/
[3] https://www.helpnetsecurity.com/2024/03/19/cve-2024-25153-poc-exploit/
[4] https://www.darkreading.com/vulnerabilities-threats/fortra-releases-update-on-critical-severity-rce-flaw
[5] https://techempiresolutions.wordpress.com/2024/03/18/fortra-patches-critical-rce-vulnerability-in-filecatalyst-transfer-tool/
[6] https://cyber.vumetric.com/security-news/2024/03/19/poc-exploit-for-critical-fortra-filecatalyst-mft-vulnerability-released-cve-2024-25153/
[7] https://cyber.vumetric.com/security-news/2024/03/18/fortra-patches-critical-rce-vulnerability-in-filecatalyst-transfer-tool/
[8] https://www.scmagazine.com/news/fortra-filecatalyst-rce-bug-disclosed-full-poc-exploit-available
[9] https://securityaffairs.com/160694/hacking/fortra-filecatalyst-critical-flaw.html