CVE-2024-25153

A directory traversal within the ftpservlet of the FileCatalyst Workflow Web Portal allows files to be uploaded outside of the intended uploadtemp directory with a specially crafted POST request. In situations where a file is successfully uploaded to web portals DocumentRoot, specially crafted JSP files could be used to execute code, including web shells.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
FortraCNA
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CISA-ADPADP
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 99%
VendorProductVersion
fortrafilecatalyst_workflow
5.0 ≤
𝑥
< 5.1.6
fortrafilecatalyst_workflow
5.1.6:build112
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://filecatalyst.software/public/filecatalyst/Workflow/5.1.6.114/fcweb_releasenotes.html
https://www.fortra.com/security/advisory/fi-2024-002
https://filecatalyst.software/public/filecatalyst/Workflow/5.1.6.114/fcweb_releasenotes.html
https://www.fortra.com/security/advisory/fi-2024-002