Progress WS_FTP Server

Submit a proposal Propose CVE/GCVE/GHSA reference

Approved changes feed: RSS · Atom

cpe:2.3:a:progress:ws_ftp_server:-:*:*:*:*:*:*:*

part: a version: - update: *

VendorProgress (f9d80521-f73f-5a85-8df9-9306f2f67809)
ProductWs Ftp Server (7ffa19d4-ca51-5a19-8205-d8261d7ef2ca)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from NVD CPE 2.0 feed

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2024-7745 vulnerable 2026-06-03 14:58:07.091345 Multi-Factor Authentication Bypass in Progress WS_FTP Server
MEDIUM (6.5)
In WS_FTP Server versions before 8.8.8 (2022.0.8), a Missing Critical Step in Multi-Factor Authentication of the Web Transfer Module allows users to skip the second-factor verification and log in with username and password only.
Published: 2024-08-28T16:31:03.604Z
Updated: 2024-08-28T17:43:13.099Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2024-7744 vulnerable 2026-06-03 14:58:07.089267 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in Progress WS_FTP Server
MEDIUM (6.5)
In WS_FTP Server versions before 8.8.8 (2022.0.8), an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in the Web Transfer Module allows File Discovery, Probe System Files, User-Controlled Filename, Path Traversal.   An authenticated file download flaw has been identified where a user can craft an API call that allows them to download a file from an arbitrary folder on the drive where that user host's root folder is located (by default this is C:)
Published: 2024-08-28T16:30:14.787Z
Updated: 2024-08-28T17:50:10.933Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.