Proof-of-concept (PoC) exploit code for a critical RCE vulnerability (CVE-2024-25153) in the Fortra FileCatalyst MFT solution has been published.

About CVE-2024-25153

Fortra FileCatalyst is an enterprise managed file transfer (MFT) software solution that includes several components: FileCatalyst Direct, Workflow, and Central.

CVE-2024-25153 is a directory traversal vulnerability in FileCatalyst Workflow’s web portal that could allow a remote authenticated threat actor to execute arbitrary code on vulnerable servers.

“A directory traversal within the ‘ftpservlet’ of the FileCatalyst …

The post PoC exploit for critical Fortra FileCatalyst MFT vulnerability released (CVE-2024-25153) appeared first on Help Net Security.