by vicarius
log in join community
by @jakaba
02 May 2024
#cve_analysis

Write a blog analysis for a CVE

publish

CrushFTP File Read vulnerability (CVE-2024-4040)

by @jakaba
by @jakaba
02 May 2024
#cve_analysis

Write a blog analysis for a CVE

publish

CrushFTP File Read vulnerability (CVE-2024-4040)

CVEs

CVE-2024-4040
9.8 Critical Severity

Apps

C
CrushftpCrushftp
11.0.1 27.*
11.0.1 1.*
11.0.1 20.*
11.1.0 18.*
11.1.0 7.*
11.1.0 6.*
11.1.0 2.*
11.0.1 5.*
11.0.1 21.*
11.1.0 1.*

PoC video

Summary

The critical server-side template injection vulnerability, CVE-2024-4040, in the versatile CrushFTP software, poses a significant threat to global organizations, necessitating immediate updates to mitigate security risks effectively.

Description

Tags

#account_bypass#SSTI#CVE-2024-4040
users/photos/clj8b3h1k16g10uoihwvzgsxi.png

@jakaba

74 posts

Total vcoins

0

Social media links

Comments (1)