Security researchers have spotted what they believe to be a “possible mass exploitation” of vulnerabilities in Progress Software’s WS_FTP Server.
Researchers at Rapid7 began noticing evidence of exploitation on 30 September across multiple instances of WS_FTP.
Progress released fixes for eight separate vulnerabilities in WS_FTP on Wednesday, including one rated a maximum score of 10 on the CVSS severity scale. Days later, the company said there was no evidence of exploitation at the time.