CVE-2023-40044CISA KEVEPSS p99.8%

CVE-2023-40044Progress WS_FTP Server Deserialization of Untrusted Data Vulnerability

Progress / WS_FTP Server

Description

Progress WS_FTP Server contains a deserialization of untrusted data vulnerability in the Ad Hoc Transfer module that allows an authenticated attacker to execute remote commands on the underlying operating system.

Scoring

EPSS90.04% probability of exploitation · percentile 99.8% · 2026-06-18T12:00:27Z

CISA KEV entry

Added to KEV: 2023-10-05

(incoming)1

TypeTargetConfidenceTier
KEVEntryProgress WS_FTP Server Deserialization of Untrusted Data Vulnerabilitykev-cve-2023-400440%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
Progress WhatsUp Gold Path Traversal Vulnerability
CVE
Apache ActiveMQ Deserialization of Untrusted Data Vulnerability
CVE
CVE-2025-5595
CVE
Progress Telerik UI for ASP.NET AJAX Deserialization of Untrusted Data Vulnerability
CVE
CVE-2026-40357
CVE
CVE-2025-2324
Sourced from NVD + CISA KEV + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.