## https://sploitus.com/exploit?id=SAINT:AD76D020F4BFD39761B8B221BDD8C3BD
Added: 04/08/2024
### Background
[FileCatalyst Workflow](<https://www.goanywhere.com/products/filecatalyst/filecatalyst-workflow>) is a managed file transfer product.
### Problem
The `ftpservlet` component in the FileCatalyst Workflow web portal is affected by a directory traversal vulnerability that could allow an anonymous user to upload files to arbitrary locations. This leads to remote command execution if a JSP file is uploaded to the document root.
### Resolution
Upgrade to FileCatalyst 5.1.6 Build 114 or higher.
### References
<https://www.fortra.com/security/advisory/fi-2024-002>
<https://labs.nettitude.com/blog/cve-2024-25153-remote-code-execution-in-fortra-filecatalyst/>
### Limitations
If this exploit succeeds, the web shell must be removed manually.
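
Both the Problem and the Limitations sections come down to a JSP file in the document root that the product did not ship. The following Python script is an added example, not part of the SAINT or Fortra material: it compares the JSP files under a document root with a manifest taken from a clean install of the same build. The directory names, the `.jsp`/`.jspx` extension set and the sample files are assumptions constructed for illustration.

```python
import hashlib
import tempfile
from pathlib import Path

# Assumption: extensions the servlet container passes to its JSP engine.
JSP_SUFFIXES = {".jsp", ".jspx"}


def sha256_of(path: Path) -> str:
    return hashlib.sha256(path.read_bytes()).hexdigest()


def jsp_manifest(root: Path) -> dict:
    """Map relative path -> SHA-256 for every JSP file under root."""
    return {
        p.relative_to(root).as_posix(): sha256_of(p)
        for p in sorted(root.rglob("*"))
        if p.is_file() and p.suffix.lower() in JSP_SUFFIXES
    }


def sweep(docroot: Path, baseline: dict) -> list:
    """Return (status, relative_path) for JSPs that differ from the baseline."""
    findings = []
    for rel, digest in jsp_manifest(docroot).items():
        if rel not in baseline:
            findings.append(("unexpected", rel))   # not shipped with the build
        elif baseline[rel] != digest:
            findings.append(("modified", rel))     # shipped, but content changed
    return findings


def demo() -> list:
    """Constructed sample: a clean tree and a live tree with two anomalies."""
    with tempfile.TemporaryDirectory() as tmp:
        clean, live = Path(tmp, "clean"), Path(tmp, "live")
        for root in (clean, live):
            (root / "uploads").mkdir(parents=True)
            (root / "index.jsp").write_text("<%-- portal page --%>")
            (root / "login.jsp").write_text("<%-- login page --%>")
        # Constructed anomalies in the live tree (harmless placeholder content).
        (live / "uploads" / "x1.JSP").write_text("<%-- placeholder --%>")
        (live / "login.jsp").write_text("<%-- changed --%>")
        (live / "uploads" / "report.pdf").write_text("not a JSP, ignored")
        return sweep(live, jsp_manifest(clean))


if __name__ == "__main__":
    for status, rel in demo():
        print(f"{status:10} {rel}")
```

Files reported as `unexpected` or `modified` are candidates for review and manual removal; the comparison is only as trustworthy as the clean install the baseline was built from.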