Skip to content

Directory Traversal PoC in FileCatalyst Workflow - 20240319001

Overview

A proof of concept (PoC) has been released for a vulnerability where the 'ftpservlet' of the FileCatalyst Workflow Web Portal may allow files to be uploaded outside of the intended 'uploadtemp' directory with a POST request. In situations where a file is successfully uploaded to a web portal's DocumentRoot, specially crafted JSP files could be used to execute code, including web shells.

What is vulnerable?

CVE Severity CVSS Product(s) Affected Summary
CVE-2024-25153 Critical 9.8 Fortra FileCatalyst Workflow 5.x before 5.1.6 Build 114 Critical

What has been observed?

The vulnerability was reported on August 9, 2023, and addressed two days later in FileCatalyst Workflow version 5.1.6 Build 114 without a CVE identifier however Fortra published the CVE on March 13, 2024. There has since been a proof of concept released by security researchers.

Recommendation

The WA SOC recommends administrators apply the solutions as per vendor instructions to all affected devices within expected timeframe of 48 hours (refer Patch Management):

Additional References