SSH CVE 2023-48795

[keithxxxi]

Hello support team,

We are running a WingFTP server v6.4.8.

Our security team warn us about an SSH vulnerability CVE 2023-48795 "Terrapin Attack".
ALL SSH servers that support ChaCha20-Poly1305 and CBC-EtM algorithms and do not support Strict Key Exchange are vulnerable.

I don't find a patch that fixes this vulnerability.
Please offer a solution.

Thank you!

[FTP]

OK, so please upgrade to v7.3.0 first, then click all the buttons "Reset to Default" under "Server > Settings > General Settings > Security" and click the button "OK" to save it.