FileCatalyst Workflow ftpservlet file upload

Added: 04/08/2024

Background

FileCatalyst Workflow is a managed file transfer product.

Problem

The ftpservlet component in the FileCatalyst Workflow web portal is affected by a directory traversal vulnerability which could allow an anonymous user to upload files to arbitrary locations. This leads to remote command execution if a JSP file is uploaded to the document root.
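
The class of bug described above, shown as an unchecked path join beside a contained one. This is an added example, not FileCatalyst's code; the function names, the `uploads` directory and the sample paths are assumptions constructed for illustration.

```python
import os
import tempfile

# Extensions a servlet container would execute if written under the web root.
EXECUTABLE_EXTS = {".jsp", ".jspx"}

class UploadRejected(Exception):
    """Raised when a requested upload destination is refused."""

def naive_destination(upload_root, client_dir, filename):
    # Vulnerable pattern: client-supplied path pieces are joined unchecked.
    return os.path.normpath(os.path.join(upload_root, client_dir, filename))

def safe_destination(upload_root, client_dir, filename):
    root = os.path.realpath(upload_root)
    # The file name must be a bare name: no separators, no dot entries.
    if filename in ("", ".", "..") or "/" in filename or "\\" in filename:
        raise UploadRejected("bad file name")
    if os.path.splitext(filename)[1].lower() in EXECUTABLE_EXTS:
        raise UploadRejected("executable extension")
    # Resolve ".." and symlinks first, then require containment in the root.
    dest = os.path.realpath(os.path.join(root, client_dir, filename))
    if os.path.commonpath([root, dest]) != root:
        raise UploadRejected("destination escapes upload root")
    return dest

def outcome(upload_root, client_dir, filename):
    try:
        return safe_destination(upload_root, client_dir, filename)
    except UploadRejected as exc:
        return "rejected: " + str(exc)

def demo():
    # Constructed layout: <tmp>/webroot is the document root and
    # <tmp>/webroot/uploads is the only directory uploads may reach.
    webroot = os.path.join(os.path.realpath(tempfile.mkdtemp()), "webroot")
    uploads = os.path.join(webroot, "uploads")
    os.makedirs(uploads)
    return {
        "webroot": webroot,
        "uploads": uploads,
        "naive": naive_destination(uploads, "../", "page.jsp"),
        "traversal": outcome(uploads, "../", "notes.txt"),
        "jsp": outcome(uploads, "session1", "page.jsp"),
        "ok": outcome(uploads, "session1", "report.pdf"),
    }
```

The extension check is a second layer only: containment in the upload root is what keeps a file out of the document root.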

Resolution

Upgrade to FileCatalyst 5.1.6 Build 114 or higher.

References

https://www.fortra.com/security/advisory/fi-2024-002
https://labs.nettitude.com/blog/cve-2024-25153-remote-code-execution-in-fortra-filecatalyst/

Limitations

If this exploit succeeds, the web shell must be removed manually.