Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2023-40044 PoC — WS_FTP Server Ad Hoc Transfer Module .NET Deserialization Vulnerability

Source
https://github.com/kenbuckler/WS_FTP-CVE-2023-40044
Associated Vulnerability
Title:WS_FTP Server Ad Hoc Transfer Module .NET Deserialization Vulnerability (CVE-2023-40044)
Description:In WS_FTP Server versions prior to 8.7.4 and 8.8.2, a pre-authenticated attacker could leverage a .NET deserialization vulnerability in the Ad Hoc Transfer module to execute remote commands on the underlying WS_FTP Server operating system.
Description
Analysis of WS_FTP CVE
Readme
# WS_FTP-CVE-2023-40044
Repository with everything I have tracking the impact of WS_FTP CVE-2023-40044

Includes possibly affected organizations and domains utilizing header methods.

I've also built a news ticker which tracks new stories about MOVEit and WS_FTP, available at https://firehose.kenbuckler.com/moveit
File Snapshot

 [4.0K]  /data/pocs/80e85e22d80e1a3d10e9bd196bdfe1d05ea63bd3
├── [ 459]  AffectedDomains20231002Shodan.txt
├── [1.8K]  AffectedOrgs20231002Shodan.txt
├── [ 234]  CurrentVersions20231002Shodan.csv
├── [ 709]  CVE-2023-40044-description.txt
└── [ 316]  README.md

0 directories, 5 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →