by vicarius
log in join community
by @jakaba
02 May 2024
#novel_exploit_analysis

An exploitation of a CVE vulnerability that has no prior exploit

publish

CrushFTP File Read vulnerability (CVE-2024-4040) - exploit

by @jakaba
by @jakaba
02 May 2024
#novel_exploit_analysis

An exploitation of a CVE vulnerability that has no prior exploit

publish

CrushFTP File Read vulnerability (CVE-2024-4040) - exploit

Apps

CFS
Crushftp FTP ServerBEN Spink
*.*
2.1.6.*
2.1.4.*

PoC video

Summary

The critical server-side template injection vulnerability, CVE-2024-4040, in the versatile CrushFTP software, poses a significant threat to global organizations, necessitating immediate updates to mitigate security risks effectively.

general

Description

Tags

#account_bypass#SSTI#CVE-2024-4040
users/photos/clj8b3h1k16g10uoihwvzgsxi.png

@jakaba

74 posts

Total vcoins

0

Social media links

Comments (0)