CVE-2024-53552
9.8CRITICALCrushFTP 10 before 10.8.3 and 11 before 11.2.3 mishandles password reset, leading to account takeover.
Published: 12/10/2024Updated: 6/27/2025
Description
CrushFTP 10 before 10.8.3 and 11 before 11.2.3 mishandles password reset, leading to account takeover.
AI AnalysisPowered by AI
Affected Products
crushftpcrushftp
crushftpcrushftp
References
- https://www.crushftp.com/crush11wiki/Wiki.jsp?page=UpdateVendor Advisory