CVE-2024-53552
9.8CRITICALCrushFTP 10 before 10.8.3 and 11 before 11.2.3 mishandles password reset, leading to account takeover.
Veröffentlicht: 12/10/2024Aktualisiert: 6/27/2025
Beschreibung
CrushFTP 10 before 10.8.3 and 11 before 11.2.3 mishandles password reset, leading to account takeover.
KI-AnalyseKI-gestützt
Betroffene Produkte
crushftpcrushftp
crushftpcrushftp
Referenzen
- https://www.crushftp.com/crush11wiki/Wiki.jsp?page=UpdateVendor Advisory