SSH CVE 2023-48795

Please post here if you have problems in using Wing FTP Server.
Post Reply
keithxxxi
Posts: 1
Joined: Tue Jan 02, 2024 7:23 am

SSH CVE 2023-48795

Post by keithxxxi »

Hello support team,

We are running a WingFTP server v6.4.8.

Our security team warn us about an SSH vulnerability CVE 2023-48795 "Terrapin Attack".
ALL SSH servers that support ChaCha20-Poly1305 and CBC-EtM algorithms and do not support Strict Key Exchange are vulnerable.

I don't find a patch that fixes this vulnerability.
Please offer a solution.

Thank you!
FTP
Site Admin
Posts: 2091
Joined: Tue Sep 29, 2009 6:09 am

Re: SSH CVE 2023-48795

Post by FTP »

OK, so please upgrade to v7.3.0 first, then click all the buttons "Reset to Default" under "Server > Settings > General Settings > Security" and click the button "OK" to save it.
Post Reply