A zero-day vulnerability has been discovered in MOVEit Transfer, a file transfer software developed by Ipswitch. This vulnerability poses a risk of data theft from organizations. MOVEit Transfer provides secure file transfers between businesses and their partners or customers, either as an on-premise solution managed by the customer or a cloud SaaS platform managed by the developer.
The software developer has released a security advisory regarding the “Critical” vulnerability, which cybersecurity firm Rapid7 has identified as a SQL injection flaw leading to remote code execution. The vulnerability is associated with a webshell named ‘human2.asp’, which allows unauthorized access to stored files, user names, file paths, and other sensitive information. Patches have been released for various versions of MOVEit Transfer. Companies using this software are strongly advised to temporarily halt operations, thoroughly investigate for compromises, and promptly apply the available patch before resuming server activities.
Relevant URL: https://www.bleepingcomputer.com/news/security/new-moveit-transfer-zero-day-mass-exploited-in-data-theft-attacks/