by @jakaba
02 May 2024

CrushFTP File Read vulnerability (CVE-2024-4040)

CVEs

9.8 Critical Severity

Apps

Crushftp
*.*
11.2.3.*
8.3.3.*
11.2.2.*
8.2.0.*
11.3.0.*
11.2.0.*
11.3.1.*
8.1.0.*
11.1.0.*

Summary

CVE-2024-4040 is a critical server-side template injection vulnerability in CrushFTP. It poses a significant threat to organizations worldwide, and affected installations should be updated immediately to mitigate the risk.

Description
